We're using jQuery and I've come across the following jQuery vulnerability in the National Vulnerability Database:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2379
Has this been fixed in more recent versions of jQuery? The original release date on the vulnerability is 4/30/2007.
I'm trying to ensure that the little jQuery we do use doesn't expose this vulnerability. Does anyone have examples of it?
Have a look at jQuery.getJSON():
If the specified URL is on a remote server, the request is treated as JSONP instead.
Read about JSONP here.
As long as you're using JSONP, this vulnerability doesn't exist.
Also, this 'vulnerability' is stupid. Anyone can exchange data using JSON; it's not just jQuery that uses it.
Isn't the problem only there when you use JSONP? It's all safe as long as all the sources are trusted.
As something inherent to JS, there's no way to fix it. Possibly, the XMLHttpRequest/CORS (Cross-Origin Resource Sharing) spec, which is supported by many of the modern browsers (but requires the providing server to be configured to send out the CORS header), could be used instead of JSONP, together with Douglas Crockford's JSON2 library (which also falls back on native browser JSON support if available).
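The XHR/CORS-plus-JSON.parse approach suggested above, as an added example that is not code from the question or any of the answers: the data is fetched with XMLHttpRequest and parsed with JSON.parse (native, or json2.js where the browser lacks it) rather than loaded through a script element, so the response is treated as data and never executed. `fetchJson` only runs in a browser; the endpoint and the sample responses are constructed for illustration.

```javascript
// Added example, not from the original question or answers. Fetches JSON over
// XMLHttpRequest with CORS and parses it with JSON.parse instead of loading it
// via <script src>/JSONP, which executes whatever the remote host returns.
function parseJsonResponse(contentType, body) {
  // Require the server to label the response as JSON. JSONP endpoints answer
  // with a JavaScript MIME type because their output is meant to be executed.
  const mime = String(contentType || '').split(';')[0].trim().toLowerCase();
  if (mime !== 'application/json') {
    throw new Error('refusing to parse non-JSON content type: ' + mime);
  }
  if (typeof JSON !== 'object' || typeof JSON.parse !== 'function') {
    // Old browsers without native JSON: json2.js defines the same JSON.parse.
    throw new Error('no JSON.parse available; load json2.js first');
  }
  // JSON.parse only accepts the JSON grammar and never evaluates code, so a
  // body such as 'cb({...})' or 'alert(1)' fails with a SyntaxError.
  return JSON.parse(body);
}

function fetchJson(url, onData, onError) {
  const xhr = new XMLHttpRequest();
  xhr.open('GET', url, true);
  // Send the session cookie cross-origin; the browser exposes the response only
  // if the server answers with Access-Control-Allow-Origin for this page's
  // origin and Access-Control-Allow-Credentials: true.
  xhr.withCredentials = true;
  xhr.onreadystatechange = function () {
    if (xhr.readyState !== 4) return;
    try { onData(parseJsonResponse(xhr.getResponseHeader('Content-Type'), xhr.responseText)); }
    catch (e) { onError(e); }
  };
  xhr.send(null);
}

// Constructed sample responses: one plain JSON document and two JSONP-shaped
// bodies, as a data-only endpoint and a callback endpoint would return them.
const SAMPLE_RESPONSES = [
  { contentType: 'application/json; charset=utf-8', body: '{"user":"alice","id":7}' },
  { contentType: 'application/javascript', body: 'cb({"user":"alice","id":7})' },
  { contentType: 'application/json', body: 'cb({"user":"alice","id":7})' },
];

// Returns, per sample, whether it was accepted as data; both JSONP-shaped
// bodies are refused, one by content type and one by the JSON grammar.
function acceptedSamples(samples) {
  return samples.map(function (s) {
    try { parseJsonResponse(s.contentType, s.body); return true; }
    catch (e) { return false; }
  });
}
```

A JSONP loader has no equivalent check point: the script element runs whatever the server sends, so the only protection is trusting that server.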