CVE-2015-9251

    CVE-2015-9251  
Description jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Impact
  CVSS v3 : 6.1 MEDIUM  

  CVSS v2 : 4.3 MEDIUM  
Type
Attack Vector
CVSSv2 Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N
Quick linksCVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References