Information disclosure in Jquery
CVE-2007-2379
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute…
Vulnerability class: Information Disclosure
EPSS: 0.028 (84.5th percentile) — read the EPSS interpretation.
Affected products
- Jquery
- Netapp Snapcenter
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (URL Repurposed, Third Party Advisory, x_refsource_MISC)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry, Broken Link)
- cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)