Loading
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry
Use CWE-79, Jquery vendor hub and Jquery product page to widen CVE-2018-18405 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-11023, CVE-2016-10707 and CVE-2020-11022 for nearby disclosures in the same product family.