Security News CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List TheHackerNews Daniel Bender Jan 24, 2025 CISA flags CVE-2020-11023, a five-year-old jQuery XSS flaw, for active exploitation. Patch by Feb 13, 2025.