Tag
jquery-security
Safeguard articles tagged "jquery-security" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerabilities
jQuery 3.6.0 Vulnerabilities: What Is Actually Exploitable
Scanners keep flagging jQuery 3.6.0 as vulnerable — but jQuery core in that version has no known direct CVEs. Here is what the alerts really mean and where the exploitable risk actually lives.
May 7, 20256 min read
Vulnerabilities
CVE-2011-4969: The jQuery XSS Bug, a Decade Later
CVE-2011-4969 is a cross-site scripting flaw in jQuery versions before 1.6.3, triggered by unsanitized attribute-selector input — it's a small, old bug, but the reasons it lingered in codebases for years are still relevant.
Nov 19, 20245 min read