
Potential Vulnerability in Cloned Code#80

Open
navnitan-7 wants to merge 1 commit into kangvcar:master from navnitan-7:fix/cve-2015-9251-jquery-ajax

Conversation

@navnitan-7


Summary

Potential CVE-2015-9251 alignment in vendored jQuery (extension/js/jquery.js): cross-domain Ajax could treat responses as executable script when conversion inferred dataType "script".

Affected code

  • File: extension/js/jquery.js
  • Function: ajaxConvert (inside the while ( current ) loop, branch prev !== "*" && prev !== current)

Changes

Mirror the upstream jQuery fix: when the request is cross-domain (s.crossDomain) and the next inferred type is "script", skip that conversion step (continue) so the response is not executed as script unless the caller explicitly set dataType: "script".

Original fix: jquery/jquery@2546bb35 (mitigates gh-2432).

Impact

Reduces XSS risk for consumers of this bundled jQuery when using $.ajax / related APIs against cross-origin endpoints without an explicit script dataType.

References

Skip script conversion on cross-domain responses unless dataType
is explicitly script, matching jquery/jquery@2546bb35 (gh-2432).

Made-with: Cursor
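An added illustration, not code from this PR or from jQuery, of the conversion path the description refers to: a simplified model of jQuery's content-type inference followed by the `ajaxConvert` loop, with the PR's cross-domain guard behind a `hardened` switch. The converter table, `resolveDataTypes`, the sample response body and the `hardened` flag are this example's own assumptions.

```javascript
// Simplified model of jQuery's ajaxHandleResponses/ajaxConvert pair (assumed
// shape, not jQuery's code). Names and the `hardened` switch are this example's own.

// Content-type sniffing table, in the spirit of jQuery's ajaxSettings.contents.
const contents = {
  script: /\b(?:java|ecma)script\b/,
  json: /\bjson\b/,
};

// Converters keyed "from to". "text script" stands in for jQuery.globalEval;
// here it only records that execution would have happened.
const converters = {
  "text json": (text) => JSON.parse(text),
  "text script": (text) => ({ executedAsScript: true, source: text }),
};

// dataTypes resolution: an explicit dataType wins; otherwise "*" is replaced by
// whatever the Content-Type header matches. The raw body is always "text" first.
function resolveDataTypes(s, contentType) {
  const dataTypes = [(s.dataType || "*").toLowerCase()];
  if (dataTypes[0] === "*") {
    dataTypes.shift();
    for (const type of Object.keys(contents)) {
      if (contents[type].test(contentType)) { dataTypes.unshift(type); break; }
    }
  }
  if (dataTypes[0] !== "text") dataTypes.unshift("text");
  return dataTypes;
}

// Conversion loop. With `hardened`, the guard the PR describes skips an inferred
// "script" step on a cross-domain request unless the caller asked for script.
function ajaxConvert(s, response, contentType, hardened) {
  const dataTypes = resolveDataTypes(s, contentType);
  let prev = dataTypes.shift();
  let current;
  while ((current = dataTypes.shift())) {
    if (prev !== "*" && prev !== current) {
      if (hardened && s.crossDomain && current === "script" && s.dataType !== "script") {
        continue; // leave the body as text; nothing is evaluated
      }
      const conv = converters[prev + " " + current];
      if (conv) response = conv(response);
    }
    prev = current;
  }
  return response;
}
```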

vercel Bot commented Mar 31, 2026


@navnitan-7 is attempting to deploy a commit to the kangvcar's projects Team on Vercel.

A member of the Team first needs to authorize it.
