Tag
cve-2020-11023
Safeguard articles tagged "cve-2020-11023" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
CVE-2020-11023: XSS in jQuery option/script tag handling
CVE-2020-11023 let untrusted HTML with option tags bypass sanitization in jQuery's DOM methods, enabling XSS. Here's the fix, timeline, and remediation.
Oct 15, 20258 min read
Vulnerabilities
jQuery 3.5.1 Vulnerabilities: What Was Actually Fixed
jQuery 3.5.1 closed a second cross-site scripting hole in the htmlPrefilter regex that 3.5.0 had only partially patched — here's exactly what changed and why old jQuery bundles still trip scanners.
Mar 14, 20245 min read