Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
1.10.1+dfsg-1ubuntu0.14.04.1~esm11.10.1+dfsg-1ubuntu0.16.04.1~esm1Exploitability
AV:NAC:LPR:NUI:RScope
S:CImpact
C:LI:LA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N