Bug 1591840 (CVE-2012-6708) - CVE-2012-6708 js-jquery: XSS via improper selector detection
Summary: CVE-2012-6708 js-jquery: XSS via improper selector detection
Keywords:
Status: NEW
Alias: CVE-2012-6708
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20170321,repor...
Depends On: 1591841 1591842 1591843 1591844 1591845 1591846 1591847 1591849 1610366 1591848 1591850 1591851 1610362 1610363 1610364 1610365 1610367 1610368 1610369 1610370
Blocks: 1591852
TreeView+ depends on / blocked
 
Reported: 2018-06-15 17:14 UTC by Pedro Sampaio
Modified: 2019-09-09 00:09 UTC (History)
71 users (show)

Fixed In Version: js-jquery 1.9.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Pedro Sampaio 2018-06-15 17:14:55 UTC
Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery may interpret HTML as selectors when given certain inputs, allowing for client side code execution.

References:

https://bugs.jquery.com/ticket/11290
https://bugs.jquery.com/ticket/12531
https://bugs.jquery.com/ticket/6429
https://bugs.jquery.com/ticket/9521
https://nodesecurity.io/advisories/329

Comment 1 Pedro Sampaio 2018-06-15 17:16:44 UTC
Created js-jquery tracking bugs for this issue:

Affects: fedora-all [bug 1591846]


Created js-jquery1 tracking bugs for this issue:

Affects: fedora-all [bug 1591842]


Created js-jquery2 tracking bugs for this issue:

Affects: fedora-all [bug 1591844]


Created python-XStatic-jQuery tracking bugs for this issue:

Affects: epel-7 [bug 1591849]
Affects: fedora-all [bug 1591841]


Created python-tw2-jquery tracking bugs for this issue:

Affects: epel-all [bug 1591845]
Affects: fedora-all [bug 1591843]


Created rubygem-jquery-rails tracking bugs for this issue:

Affects: fedora-all [bug 1591847]

Comment 3 James Hebden 2018-06-20 08:14:01 UTC
Marking OpenStack not affected, due to the packaged version being at least 1.10.1 across all releases. Per the advisory, the patch is present in 1.9.0+

Comment 4 Cedric Buissart 🐶 2018-07-13 10:53:27 UTC
Renamed from CVE-2017-16011 to CVE-2012-6708 (see https://nvd.nist.gov/vuln/detail/CVE-2017-16011)

Comment 5 Cedric Buissart 🐶 2018-07-13 11:00:04 UTC
External References:

https://snyk.io/vuln/npm:jquery:20120206

Comment 6 Cedric Buissart 🐶 2018-07-13 11:49:53 UTC
Upstream fix:
https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d


Note You need to log in before you can comment on or make changes to this bug.