id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,blockedby,blocking 15284,XSS Vulnerability on text options of jQuery UI datepicker,andycyork,,"similar to but applies to the datepicker\\ **to recreate**\\ Create a new HTML page.\\ Inject this content into new page:\\ {{{ XSS in options of datepicker


}}} \\ on load, alerts are shown for appendText & buttonText\\ after clicking the input control, alerts are shown for closeText, currentText, prevText & nextText\\ \\ The scripted alerts should not be shown - an attacker can take advantage of injecting malicious XSS content into website.",bug,closed,minor,none,ui.datepicker,1.12.1,fixed,,,,