{"id":"CVE-2020-7656","details":"jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove \"\u003cscript\u003e\" HTML tags that contain a whitespace character, i.e: \"\u003c/script \u003e\", which results in the enclosed script logic to be executed.","aliases":["GHSA-q4m3-2j7h-f7xw"],"modified":"2026-04-10T04:28:08.992045Z","published":"2020-05-19T21:15:10.257Z","related":["ALSA-2021:4142","SNYK-JS-JQUERY-569619"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200528-0001/"},{"type":"ADVISORY","url":"https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1?language=en_US"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JS-JQUERY-569619"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jquery/jquery","events":[{"introduced":"0"},{"fixed":"6361fdf2f30e41f565a953eb120f795774c65c4e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.9.0"}]}}],"versions":["1.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0a","1.1","1.1.1","1.1.2","1.1.3","1.1.3.1","1.1.3a","1.1.4","1.1a","1.1b","1.2","1.2.1","1.2.2","1.2.2b","1.2.2b2","1.2.3a","1.2.3b","1.2.4","1.2.4a","1.2.4b","1.2.5","1.3.1rc1","1.3b1","1.3b2","1.3rc1","1.4.3rc1","1.4.3rc2","1.4.4rc1","1.4.4rc2","1.4.4rc3","1.4a1","1.4a2","1.4rc1","1.5.1rc1","1.5.2rc1","1.5b1","1.5rc1","1.6.1rc1","1.6.2rc1","1.6.3rc1","1.6.4rc1","1.6b1","1.6rc1","1.7.1rc1","1.7.2b1","1.7.2rc1","1.7b1","1.7b2","1.7rc1","1.8b1","1.8b2","1.8rc1","1.9.0b1","1.9.0rc1"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.58"}]},{"events":[{"introduced":"3.0.0"},{"last_affected":"3.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"21.2-NA"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7656.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}