jQuery versions with known weaknesses

• Bug 9521 (CVE-2011-4969) - $("#<img src=x onerror=...>")
• Bug 11290 (CVE-2012-6708) - $("element[attribute='<img src=x onerror=...>'")
• issue 2432 (CVE-2015-9251) - 3rd party $.get() auto executes if content type is text/javascript
• issue 11974 (CVE-2015-9251) - parseHTML executes inline scripts like event handlers
• issue 4333 (CVE-2019-11358) - prototype pollution for $.extend()
• issue 4642 (CVE-2020-11022) - htmlPrefilter unwraps things it shouldn't
• issue 4647 (CVE-2020-11023/CVE-2020-23064) - select/option wrapping unwraps can cause XSS
• CVE-2020-7656 - XSS - The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >"