CVE-2015-9251
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-9251
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
jQuery 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
jQuery是美国John Resig个人开发者的一套开源、跨浏览器的JavaScript库。该库简化了HTML与JavaScript之间的操作,并具有模块化、插件扩展等特点。 jQuery 3.0.0之前版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-9251
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/halkichi0308/CVE-2015-9251 | POC Details |
| 2 | PoC para CVE-2015-9251 jQuery menor a 3.0.0. | https://github.com/moften/CVE-2015-9251 | POC Details |
| 3 | This repository contains a Proof of Concept (PoC) for CVE-2015-9251, a vulnerability in jQuery versions prior to 3.0.0 that allows attackers to perform Cross-Site Scripting (XSS) attacks under certain conditions. | https://github.com/hackgiver/CVE-2015-9251 | POC Details |
| 4 | cve-2015-9251 | https://github.com/rox-11/xss | POC Details |
| 5 | CVE-2015-9251 exploit example | https://github.com/wakefulblock262/CVE-2015-9251 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-9251
Please Login to view more intelligence information
- https://www.oracle.com/security-alerts/cpujul2020.htmlx_refsource_MISC
- https://www.oracle.com/security-alerts/cpuoct2020.htmlx_refsource_MISC
- https://www.oracle.com/security-alerts/cpujan2020.htmlx_refsource_MISC
- https://github.com/jquery/jquery/pull/2588x_refsource_MISC
- https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04x_refsource_MISC
- https://security.netapp.com/advisory/ntap-20210108-0004/x_refsource_CONFIRM
- https://www.tenable.com/security/tns-2019-08x_refsource_CONFIRM
- https://snyk.io/vuln/npm:jquery:20150627x_refsource_MISC
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlx_refsource_CONFIRM
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlx_refsource_CONFIRM
- https://github.com/jquery/jquery/issues/2432x_refsource_MISC
- https://www.oracle.com/security-alerts/cpuapr2020.htmlx_refsource_MISC
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Same Patch Batch · n/a · 2018-01-18 · 44 CVEs total
| CVE-2018-5766 | Libav 安全漏洞 | |
| CVE-2017-15869 | LiveZilla 跨站脚本漏洞 | |
| CVE-2014-2017 | OXID eShop 安全漏洞 | |
| CVE-2016-6814 | Apache Groovy 代码问题漏洞 | |
| CVE-2018-5773 | markdown2 跨站脚本漏洞 | |
| CVE-2017-17860 | Samsung Gear S2和S3 输入验证错误漏洞 | |
| CVE-2018-5776 | WordPress MediaElement 跨站脚本漏洞 | |
| CVE-2012-6708 | jQuery 跨站脚本漏洞 | |
| CVE-2016-10707 | jQuery 安全漏洞 | |
| CVE-2017-5170 | Moxa SoftNVR-IA Live Viewer 安全漏洞 | |
| CVE-2018-5772 | Exiv2 安全漏洞 | |
| CVE-2018-0115 | Cisco ASR 5000 Series路由器Cisco StarOS操作系统命令注入漏洞 | |
| CVE-2018-0111 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0110 | Cisco WebEx Meetings Server 安全漏洞 | |
| CVE-2018-0109 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0108 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0107 | Cisco Prime Service Catalog 跨站脚本漏洞 | |
| CVE-2018-0106 | Cisco Elastic Services Controller 信息泄露漏洞 | |
| CVE-2018-0105 | Cisco Unified Communications Manager 信息泄露漏洞 | |
| CVE-2018-0102 | Cisco Nexus 7000 Series Switches和7700 Series Switches Cisco NX-OS Software 安全漏洞 |
Showing top 20 of 44 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2015-9251
No comments yet