Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libjs-jquery-ui": "1.10.1+dfsg-1", "libjs-jquery-ui-docs": "1.10.1+dfsg-1" } ] }