Information disclosure in Jquery

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute…

Vulnerability class: Information Disclosure

EPSS: 0.028 (84.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References