jQuery cross site scripting

[BeHappy4Ever 235]

Hello , with jQuery cross site scripting someone can find the mysql password or login with adminpanel?because i scanned my site and there is this problem..

[Denis 1464]

Post the results of your scanning.

[BeHappy4Ever 235]

2High:

jQuery cross site scripting

Only generic information is available in the Trial Edition. You can access a complete report on this vulnerability using the Full Edition. Click here to buy.

Vulnerability description

This page is using an older version of jQuery that is vulnerable to a Cross Site Scripting vulnerability. Many sites are using to select elements using location.hash that allows someone to inject script into the page. This problem was fixed in jQuery 1.6.3.

Affected items

This information is not available in the Trial Edition.

The impact of this vulnerability

Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.

How to fix this vulnerability

This information is not available in the Trial Edition.  

 

 

[Skyin 3]

http://code.jquery.com/jquery-1.11.3.min.js

Replace your old jQuery with this and your site should be ok.

[BeHappy4Ever 235]

I asked with if with jQuery cross site scripting someone can find the mysql password or login with adminpanel?because i scanned my site and there is this problem , because i'm afraid if someone took my staff , i fixed it