1
Candidate: CVE-2012-6662
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6662
6
Cross-site scripting (XSS) vulnerability in the default content option in
7
jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0
8
allows remote attackers to inject arbitrary web script or HTML via the
9
title attribute, which is not properly handled in the autocomplete combo
14
http://bugs.jqueryui.com/ticket/8861
20
upstream: https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde
21
upstream_jqueryui: needs-triage
22
lucid_jqueryui: ignored (reached end-of-life)
23
precise_jqueryui: not-affected (code not present)
24
trusty_jqueryui: not-affected (1.10.1+dfsg-1)
25
utopic_jqueryui: not-affected (1.10.1+dfsg-1)
26
devel_jqueryui: not-affected (1.10.1+dfsg-1)