Path to dependency file: MSLab_depth_0/Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html
Path to vulnerable library: /Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html,/Scenarios/S2D and Pester/ReportsOK/S2D-Cluster-Report/Index.html
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Path to dependency file: /tmp/ws-ua_20211211222042_LVEPBJ/archiveExtraction_JDSPYN/RIPLMO/20211211222043/MSLab_depth_0/Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html
Path to vulnerable library: /Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html,/Scenarios/S2D and Pester/ReportsOK/S2D-Cluster-Report/Index.html
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Path to dependency file: /tmp/ws-ua_20211211222042_LVEPBJ/archiveExtraction_JDSPYN/RIPLMO/20211211222043/MSLab_depth_0/Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html
Path to vulnerable library: /Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html,/Scenarios/S2D and Pester/ReportsOK/S2D-Cluster-Report/Index.html
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.
Path to dependency file: /tmp/ws-ua_20211211222042_LVEPBJ/archiveExtraction_JDSPYN/RIPLMO/20211211222043/MSLab_depth_0/Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html
Path to vulnerable library: /Scenarios/S2D and Pester/ReportsFail/S2D-Cluster-Report/Index.html,/Scenarios/S2D and Pester/ReportsOK/S2D-Cluster-Report/Index.html
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.