CVE-2020-11022

This exploit demonstrates a DOM-based XSS vulnerability in jQuery versions 1.2 to 3.5.0 by injecting malicious HTML into a page, triggering an alert via an onerror event. The PoC leverages improper handling of HTML fragments in jQuery's parsing logic.

This repository demonstrates CVE-2020-11022 and CVE-2020-11023, which are XSS vulnerabilities in jQuery versions before 3.5.0. The PoC includes a PHP page that exploits the vulnerability via DOM manipulation methods like .html().

This repository contains a writeup describing a potential XSS vulnerability in jQuery.htmlPrefilter and related methods, specifically CVE-2020-11022. It provides recommendations for mitigation, including updating to jQuery 3.5.0 or applying a workaround.

The repository contains a README describing CVE-2020-11022, a reflected XSS vulnerability caused by improper input handling in HTML responses. No exploit code is provided, only a brief description of the vulnerability.

This repository contains a functional proof-of-concept for CVE-2020-11022, demonstrating a cross-site scripting (XSS) vulnerability in jQuery versions prior to 3.5.0. The exploit leverages inconsistencies in HTML parsing logic to bypass sanitization and execute arbitrary JavaScript.

This repository appears to be a placeholder or template for jQuery development, lacking any actual exploit code or technical details related to CVE-2020-11022. It contains standard project files like issue templates, pull request templates, and build scripts, but no PoC or analysis of the vulnerability.

This repository appears to be part of the OpenSSF CVE Benchmark project, focusing on CVE-2020-11022. It contains documentation, build scripts, and templates but no actual exploit code. The content is primarily related to jQuery project management and testing infrastructure.