Bugzilla – Bug 1190660
VUL-0: CVE-2020-11023: jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
Last modified: 2024-05-28 12:02:59 UTC
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
While we do not ship jQuery as a standalone package, it is embedded in various packages:

- python*-Sphinx: The embedded jQuery only injects HTML code that comes from Sphinx locally; it is not attacker-influenceable. (for local Sphinx documentation browsing and searching)
- python*-greenlet: The embedded jQuery only injects HTML code that comes from greenlet locally; it is not attacker-influenceable. (for local Sphinx documentation browsing and searching)
- python*-Werkzeug: The embedded jQuery is used in the embedded interactive debugger to debug WSGI applications. It helps with the debugger operation and does not get malicious input.
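The triage above depends on finding every embedded copy of jQuery and knowing whether its version falls in the affected range (>= 1.0.3 and < 3.5.0). The following is an added example, not code from the bug report or from any of the packages named; it parses the banner comment that jQuery ships in its minified and full-source builds and flags copies inside that range. The file paths and banners are constructed sample inputs and the version numbers are illustrative, not the versions actually embedded in those packages.

```javascript
// Added example: flag embedded jQuery copies in the CVE-2020-11023 range.
// Range per the advisory: >= 1.0.3 (AFFECTED_MIN) and < 3.5.0 (FIXED_IN).
const AFFECTED_MIN = [1, 0, 3];
const FIXED_IN = [3, 5, 0];

// Matches both the minified header ("/*! jQuery v3.4.1 | ...") and the
// full-source header ("* jQuery JavaScript Library v3.4.1").
const BANNER_RE = /jQuery(?: JavaScript Library)? v(\d+)\.(\d+)\.(\d+)/;

// Numeric, component-wise comparison (lexicographic string compare would
// rank "1.10.0" below "1.9.0"). Returns -1, 0 or 1.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Returns { version, affected } for a file containing a jQuery banner,
// or null when no banner is found (file is not a jQuery build).
function checkEmbeddedJquery(source) {
  const m = BANNER_RE.exec(source);
  if (!m) return null;
  const version = m.slice(1, 4).map(Number);
  const affected =
    compareVersions(version, AFFECTED_MIN) >= 0 &&
    compareVersions(version, FIXED_IN) < 0;
  return { version: version.join('.'), affected };
}

// Constructed sample inputs (hypothetical paths and illustrative versions)
// standing in for the embedded copies a packager would scan.
const SAMPLES = {
  'python-Sphinx/_static/jquery.js':
    '/*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */',
  'python-Werkzeug/debug/shared/jquery.js':
    '/*!\n * jQuery JavaScript Library v3.5.1\n * https://jquery.com/\n */',
  'python-greenlet/doc/_static/other.js':
    '// unrelated bundle, no jQuery banner',
};

// Scan a map of path -> file contents and report each result by path.
function scan(files) {
  const report = {};
  for (const [path, src] of Object.entries(files)) {
    report[path] = checkEmbeddedJquery(src);
  }
  return report;
}

console.log(scan(SAMPLES));
```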
Done, closing.