Debian Security Advisory

DLA-258-1 jqueryui -- LTS security update

Date Reported:
29 Jun 2015
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2010-5312.
More information:

Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its title option. This would allow a remote attacker to inject arbitrary code through cross-site scripting.