CVE-2016-7103

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

Date published : 2017-03-15

http://www.securityfocus.com/bid/104823

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html