VYPR
Moderate severityNVD Advisory· Published Mar 8, 2013· Updated Jun 16, 2026

CVE-2011-4969

CVE-2011-4969

Description

Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
jquerynpm
< 1.6.31.6.3
jQueryNuGet
< 1.6.31.6.3
jquery-railsRubyGems
< 1.0.161.0.16
org.webjars.npm:jqueryMaven
< 1.6.31.6.3

Affected products

8

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.