[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2012-6708":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":67,"duplicate_of":9,"upstream":69,"downstream":70,"duplicates":81,"related":84,"reserved_at":9,"published_at":87,"modified_at":88,"state":89,"summary":90,"references_raw":98,"kevs":221,"epss":222,"epss_history":225,"metrics":488,"affected":505},"CVE-2012-6708","jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '\u003C' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '\u003C' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[45,54],{"_key":46,"name":47,"source":48,"url":49,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":53,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_D6FA2DFD76992FE4","Exploit Reference (bugs.jquery.com)","reference","https://bugs.jquery.com/ticket/11290","unknown",0.2,false,[],{"_key":55,"name":56,"source":57,"url":58,"maturity":59,"reliability_score":60,"verified":52,"type":9,"platforms":61,"requires_auth":9,"exploitdb":63,"metasploit":9},"49708","Linksys EA7500 2.0.8.194281 - Cross-Site Scripting","exploit-database","https://www.exploit-db.com/exploits/49708","poc",0.5,[62],"hardware",{"verified":52,"type":64,"platform":62,"file":65,"codes":66},"webapps","exploits/hardware/webapps/49708.txt",[7],[68],"GHSA-2pqj-h3vj-pqgw",[],[71,73,75,77,79],{"_key":72},"ALPINE-CVE-2012-6708",{"_key":74},"SUSE-SU-2020:0737-1",{"_key":76},"UBUNTU-CVE-2012-6708",{"_key":78},"OPENSUSE-SU-2020:0395-1",{"_key":80},"USN-7622-1",[82],{"_key":83},"CVE-2017-16011",[85,86],{"_key":74},{"_key":78},"2018-01-18T23:00:00.000Z","2024-08-06T21:36:02.207Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":91,"epss_score":92,"severity":93,"severity_score":94,"severity_version":95,"severity_source":96,"severity_vector":97,"severity_status":89},"low",0.00902,"medium",6.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[99,111,117,121,126,132,136,142,146,150,155,159,164,168,172,176,180,184,188,192,196,200,204,209,213,217],{"url":100,"sources":101,"tags":106},"https://snyk.io/vuln/npm:jquery:20120206",[102,96,103,104,105],"cve.org","osv_npm","osv_maven","osv_nuget",[107,108,109,110],"X Refsource MISC","Patch","Third Party Advisory","WEB",{"url":49,"sources":112,"tags":113},[102,96,103,104,105],[107,114,115,116,110],"Exploit","Issue Tracking","Vendor Advisory",{"url":118,"sources":119,"tags":120},"https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d",[102,96,103,104,105],[107,108,109,110],{"url":122,"sources":123,"tags":124},"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",[102,96,103,104,105],[125,109,110],"X Refsource CONFIRM",{"url":127,"sources":128,"tags":129},"http://www.securityfocus.com/bid/102792",[102,96],[130,131,109],"VDB Entry","X Refsource BID",{"url":133,"sources":134,"tags":135},"http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html",[102,96,103,104,105],[107,110],{"url":137,"sources":138,"tags":139},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",[102,96],[140,141],"Mailing List","X Refsource MLIST",{"url":143,"sources":144,"tags":145},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",[102,96],[140,141],{"url":147,"sources":148,"tags":149},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",[102,96],[140,141],{"url":151,"sources":152,"tags":153},"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html",[102,96,103,104,105],[116,154,110],"X Refsource SUSE",{"url":156,"sources":157,"tags":158},"http://packetstormsecurity.com/files/161972/Linksys-EA7500-2.0.8.194281-Cross-Site-Scripting.html",[102,96,103,104,105],[107,110],{"url":160,"sources":161,"tags":162},"https://nvd.nist.gov/vuln/detail/CVE-2017-16011",[103,104,105],[163],"Advisory",{"url":165,"sources":166,"tags":167},"https://nvd.nist.gov/vuln/detail/CVE-2012-6708",[103,104,105],[163],{"url":169,"sources":170,"tags":171},"https://web.archive.org/web/20200227132049/http://www.securityfocus.com/bid/102792",[103,104,105],[110],{"url":173,"sources":174,"tags":175},"https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450223",[103,104,105],[110],{"url":177,"sources":178,"tags":179},"https://research.insecurelabs.org/jquery/test",[103,104,105],[110],{"url":181,"sources":182,"tags":183},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",[103,104,105],[110],{"url":185,"sources":186,"tags":187},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",[103,104,105],[110],{"url":189,"sources":190,"tags":191},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",[103,104,105],[110],{"url":193,"sources":194,"tags":195},"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2012-6708.yml",[103,104,105],[110],{"url":197,"sources":198,"tags":199},"https://github.com/rails/jquery-rails/blob/v2.2.0/vendor/assets/javascripts/jquery.js#L67",[103,104,105],[110],{"url":201,"sources":202,"tags":203},"https://github.com/rails/jquery-rails/blob/v2.1.4/vendor/assets/javascripts/jquery.js#L59",[103,104,105],[110],{"url":205,"sources":206,"tags":207},"https://github.com/jquery/jquery",[103,104,105],[208],"PACKAGE",{"url":210,"sources":211,"tags":212},"https://bugs.jquery.com/ticket/9521",[103,104,105],[110],{"url":214,"sources":215,"tags":216},"https://bugs.jquery.com/ticket/6429",[103,104,105],[110],{"url":218,"sources":219,"tags":220},"https://bugs.jquery.com/ticket/12531",[103,104,105],[110],[],{"date":223,"score":92,"percentile":224},"2026-06-04",0.76069,[226,229,232,235,238,240,243,246,248,251,254,257,260,263,265,268,271,274,277,280,283,286,289,292,295,298,300,302,306,309,312,315,318,320,322,324,327,330,333,336,339,341,344,347,350,353,356,359,362,364,367,370,373,376,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,443,446,449,452,455,458,461,464,467,470,473,476,479,482,485],{"date":227,"score":92,"percentile":228},"2025-11-04",0.74939,{"date":230,"score":92,"percentile":231},"2025-11-05",0.7493,{"date":233,"score":92,"percentile":234},"2025-11-06",0.74928,{"date":236,"score":92,"percentile":237},"2025-11-07",0.74946,{"date":239,"score":92,"percentile":237},"2025-11-08",{"date":241,"score":92,"percentile":242},"2025-11-09",0.74942,{"date":244,"score":92,"percentile":245},"2025-11-10",0.74926,{"date":247,"score":92,"percentile":234},"2025-11-11",{"date":249,"score":92,"percentile":250},"2025-11-12",0.74948,{"date":252,"score":92,"percentile":253},"2025-11-13",0.74955,{"date":255,"score":92,"percentile":256},"2025-11-14",0.74959,{"date":258,"score":92,"percentile":259},"2025-11-15",0.74958,{"date":261,"score":92,"percentile":262},"2025-11-16",0.74956,{"date":264,"score":92,"percentile":237},"2025-11-17",{"date":266,"score":92,"percentile":267},"2025-11-18",0.73697,{"date":269,"score":92,"percentile":270},"2025-11-19",0.73702,{"date":272,"score":92,"percentile":273},"2025-11-20",0.73711,{"date":275,"score":92,"percentile":276},"2025-11-21",0.74968,{"date":278,"score":92,"percentile":279},"2025-11-22",0.74962,{"date":281,"score":92,"percentile":282},"2025-11-23",0.74949,{"date":284,"score":92,"percentile":285},"2025-11-24",0.74944,{"date":287,"score":92,"percentile":288},"2025-11-25",0.74945,{"date":290,"score":92,"percentile":291},"2025-11-26",0.74952,{"date":293,"score":92,"percentile":294},"2025-11-27",0.74953,{"date":296,"score":92,"percentile":297},"2025-11-28",0.7494,{"date":299,"score":92,"percentile":228},"2025-11-29",{"date":301,"score":92,"percentile":228},"2025-11-30",{"date":303,"score":304,"percentile":305},"2025-12-01",0.01446,0.80248,{"date":307,"score":304,"percentile":308},"2025-12-02",0.80252,{"date":310,"score":304,"percentile":311},"2025-12-03",0.80251,{"date":313,"score":92,"percentile":314},"2025-12-04",0.74933,{"date":316,"score":92,"percentile":317},"2025-12-05",0.74943,{"date":319,"score":92,"percentile":237},"2025-12-06",{"date":321,"score":92,"percentile":317},"2025-12-07",{"date":323,"score":92,"percentile":250},"2025-12-08",{"date":325,"score":92,"percentile":326},"2025-12-09",0.74978,{"date":328,"score":92,"percentile":329},"2025-12-10",0.75004,{"date":331,"score":92,"percentile":332},"2025-12-11",0.75018,{"date":334,"score":92,"percentile":335},"2025-12-12",0.75042,{"date":337,"score":92,"percentile":338},"2025-12-13",0.75046,{"date":340,"score":92,"percentile":335},"2025-12-14",{"date":342,"score":92,"percentile":343},"2025-12-15",0.75045,{"date":345,"score":92,"percentile":346},"2025-12-16",0.75057,{"date":348,"score":92,"percentile":349},"2025-12-17",0.75067,{"date":351,"score":92,"percentile":352},"2025-12-18",0.75091,{"date":354,"score":92,"percentile":355},"2025-12-19",0.75108,{"date":357,"score":92,"percentile":358},"2025-12-20",0.75102,{"date":360,"score":92,"percentile":361},"2025-12-21",0.75097,{"date":363,"score":92,"percentile":361},"2025-12-22",{"date":365,"score":92,"percentile":366},"2025-12-23",0.75093,{"date":368,"score":92,"percentile":369},"2025-12-24",0.75101,{"date":371,"score":92,"percentile":372},"2025-12-25",0.75126,{"date":374,"score":92,"percentile":375},"2025-12-26",0.75123,{"date":377,"score":378,"percentile":379},"2025-12-27",0.00769,0.72954,{"date":381,"score":92,"percentile":382},"2025-12-28",0.75105,{"date":384,"score":92,"percentile":385},"2025-12-29",0.75104,{"date":387,"score":92,"percentile":388},"2025-12-30",0.75118,{"date":390,"score":92,"percentile":391},"2025-12-31",0.75139,{"date":393,"score":304,"percentile":394},"2026-01-01",0.80409,{"date":396,"score":304,"percentile":397},"2026-01-02",0.80406,{"date":399,"score":304,"percentile":400},"2026-01-03",0.80403,{"date":402,"score":92,"percentile":403},"2026-01-04",0.75151,{"date":405,"score":92,"percentile":406},"2026-01-05",0.75143,{"date":408,"score":92,"percentile":409},"2026-01-06",0.7516,{"date":411,"score":92,"percentile":412},"2026-01-07",0.75169,{"date":414,"score":92,"percentile":415},"2026-01-08",0.75183,{"date":417,"score":92,"percentile":418},"2026-01-09",0.75186,{"date":420,"score":92,"percentile":421},"2026-01-10",0.75188,{"date":423,"score":92,"percentile":424},"2026-01-11",0.75177,{"date":426,"score":92,"percentile":427},"2026-01-12",0.75162,{"date":429,"score":92,"percentile":430},"2026-01-13",0.75163,{"date":432,"score":92,"percentile":433},"2026-01-14",0.7519,{"date":435,"score":92,"percentile":436},"2026-01-15",0.75197,{"date":438,"score":92,"percentile":439},"2026-01-16",0.75211,{"date":441,"score":92,"percentile":442},"2026-01-17",0.7521,{"date":444,"score":92,"percentile":445},"2026-01-18",0.75201,{"date":447,"score":92,"percentile":448},"2026-01-19",0.75195,{"date":450,"score":92,"percentile":451},"2026-01-20",0.75199,{"date":453,"score":92,"percentile":454},"2026-01-21",0.75203,{"date":456,"score":92,"percentile":457},"2026-01-22",0.75208,{"date":459,"score":92,"percentile":460},"2026-01-23",0.75234,{"date":462,"score":92,"percentile":463},"2026-01-24",0.75241,{"date":465,"score":92,"percentile":466},"2026-01-25",0.75227,{"date":468,"score":92,"percentile":469},"2026-01-26",0.75226,{"date":471,"score":92,"percentile":472},"2026-01-27",0.75235,{"date":474,"score":92,"percentile":475},"2026-01-28",0.75243,{"date":477,"score":92,"percentile":478},"2026-01-29",0.75239,{"date":480,"score":92,"percentile":481},"2026-01-30",0.75242,{"date":483,"score":92,"percentile":484},"2026-01-31",0.75245,{"date":486,"score":304,"percentile":487},"2026-02-01",0.80469,[489,499,501,503],{"source":96,"cvss_v2_0":490,"cvss_v3_0":495,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":491,"baseSeverity":9,"vectorString":492,"impactScore":493,"exploitabilityScore":494},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":94,"baseSeverity":496,"vectorString":97,"impactScore":497,"exploitabilityScore":498},"MEDIUM",4.5,7.2,{"source":103,"cvss_v2_0":9,"cvss_v3_0":500,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":94,"baseSeverity":9,"vectorString":97,"impactScore":497,"exploitabilityScore":498},{"source":104,"cvss_v2_0":9,"cvss_v3_0":502,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":94,"baseSeverity":9,"vectorString":97,"impactScore":497,"exploitabilityScore":498},{"source":105,"cvss_v2_0":9,"cvss_v3_0":504,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":94,"baseSeverity":9,"vectorString":97,"impactScore":497,"exploitabilityScore":498},[506,517,524,533,539],{"ecosystem":507,"name":508,"vendor":507,"product":508,"cpe_part":9,"purl_type":509,"purl_namespace":9,"purl_name":508,"source":9,"versions":510},"RubyGems","jquery-rails","gem",[511],{"version":512,"is_range":513,"range_type":514,"version_start":9,"version_start_type":9,"version_end":515,"version_end_type":516,"fixed_in":9},"lt2_2_0",true,"ecosystem","2.2.0","excluding",{"ecosystem":9,"name":518,"vendor":9,"product":518,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":519},"JQuery",[520],{"version":521,"is_range":513,"range_type":522,"version_start":9,"version_start_type":9,"version_end":523,"version_end_type":516,"fixed_in":9},"lt1.9.0","cpe","1.9.0",{"ecosystem":525,"name":526,"vendor":527,"product":528,"cpe_part":9,"purl_type":529,"purl_namespace":527,"purl_name":528,"source":9,"versions":530},"Maven","org.webjars.npm:jquery","org.webjars.npm","jquery","maven",[531],{"version":532,"is_range":513,"range_type":514,"version_start":9,"version_start_type":9,"version_end":523,"version_end_type":516,"fixed_in":9},"lt1_9_0",{"ecosystem":534,"name":528,"vendor":534,"product":528,"cpe_part":9,"purl_type":535,"purl_namespace":9,"purl_name":528,"source":9,"versions":536},"Npm","npm",[537],{"version":532,"is_range":513,"range_type":538,"version_start":9,"version_start_type":9,"version_end":523,"version_end_type":516,"fixed_in":9},"semver",{"ecosystem":540,"name":528,"vendor":540,"product":528,"cpe_part":9,"purl_type":541,"purl_namespace":9,"purl_name":528,"source":9,"versions":542},"NuGet","nuget",[543],{"version":532,"is_range":513,"range_type":514,"version_start":9,"version_start_type":9,"version_end":523,"version_end_type":516,"fixed_in":9}]