Cross-site scripting in millions of web sites | Weblog | Sijmen RuwhofIn August 2014 I found a severe cross-site scripting security vulnerability in the latest version (1.13.0) of the ‘jQuery Validation Plugin‘ during a security penetration test for a customer. This jQuery plugin which adds easy form validation functionality to a web site, is written by a core developer of the highly popular jQuery JavaScript framework. As of speaking this vulnerability still exists
