Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [+] Vulnerable component: jquery v2.2.4
- [!] Component location: http://www.worldbank.org/etc.clientlibs/worldbankgroup/clientlibs/vendor/jquery.js
- [!] Total vulnerabilities: 3
- [!] Summary: parseHTML() executes scripts in event handlers
- [!] Severity: medium
- [!] CVE: CVE-2015-9251
- [!] Summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
- [!] Severity: low
- [!] CVE: CVE-2019-11358
- [!] Summary: 3rd party CORS request may execute
- [!] Severity: medium
- [!] CVE: CVE-2015-9251
- ------------------------------------------------------------
- [+] Potentially vulnerable objects found at http://www.worldbank.org
- ------------------------------------------------------------
- 6 document.cookie = cname + "=" + cvalue + "; " + expiration;
- 3 var consent_note = document.cookie.replace(/(?:(?:^|.*;\s*)consent_cookie\s*\=\s*([^;]*).*$)|^.*$/, '$1');
- 6 var url = window.location.href;
- 7 window.location = $(this).closest(".search_code_at_the_end").attr("action")+qterm;
- 7 window.location = $(this).closest(".search_code_at_the_end").attr("action")+qterm;
- 7 document.getElementById("footer-year").innerHTML = year;
- 3 function b(a){c[a]=function(){var b=arguments;c.queue.push(function(){c[a].apply(c,b)})}}var c={config:a},d=document,e=window;setTimeout(function(){var b=d.createElement("script");b.src=a.url||"https://az416426.vo.msecnd.net/scripts/a/ai.0.js",d.getElementsByTagName("script")[0].parentNode.appendChild(b)});try{c.cookie=d.cookie}catch(a){}c.queue=[];for(var f=["Event","Exception","Metric","PageView","Trace","Dependency"];f.length;)b("track"+f.pop());if(b("setAuthenticatedUserContext"),b("clearAuthenticatedUserContext"),b("startTrackEvent"),b("stopTrackEvent"),b("startTrackPage"),b("stopTrackPage"),b("flush"),!a.disableExceptionTracking){f="onerror",b("_"+f);var g=e[f];e[f]=function(a,b,d,e,h){var i=g&&g(a,b,d,e,h);return!0!==i&&c["_"+f](a,b,d,e,h),i}}return c
- 3 function b(a){c[a]=function(){var b=arguments;c.queue.push(function(){c[a].apply(c,b)})}}var c={config:a},d=document,e=window;setTimeout(function(){var b=d.createElement("script");b.src=a.url||"https://az416426.vo.msecnd.net/scripts/a/ai.0.js",d.getElementsByTagName("script")[0].parentNode.appendChild(b)});try{c.cookie=d.cookie}catch(a){}c.queue=[];for(var f=["Event","Exception","Metric","PageView","Trace","Dependency"];f.length;)b("track"+f.pop());if(b("setAuthenticatedUserContext"),b("clearAuthenticatedUserContext"),b("startTrackEvent"),b("stopTrackEvent"),b("startTrackPage"),b("stopTrackPage"),b("flush"),!a.disableExceptionTracking){f="onerror",b("_"+f);var g=e[f];e[f]=function(a,b,d,e,h){var i=g&&g(a,b,d,e,h);return!0!==i&&c["_"+f](a,b,d,e,h),i}}return c
- 4 var query_string = window.location.search;
- 62 "pageUrl":(document.URL).replace("https://","").replace("http://",""),
- Leaked By GhostSec
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement