Lucene search
HistoryOct 11, 2015 - 1:59 a.m.
CVE-2015-5654
cve-2015-5654
cross-site scripting
xss
dojo toolkit
vulnerability
web script
html
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.4%
Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
dojotoolkitdojoRange≤1.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| dojotoolkit:dojo | dojotoolkit dojo | le | 1.1.1 |
Related
cvelist
cvelist
CVE-2015-5654
2015-10-11 01:00:00
github
github
Cross-Site Scripting in dojo
2020-09-11 21:18:05
jvn
jvn
JVN#13456571: Dojo Toolkit vulnerable to cross-site scripting
2015-10-09 00:00:00
debiancve
debiancve
CVE-2015-5654
2015-10-11 01:59:03
ibm
ibm
nvd
nvd
CVE-2015-5654
2015-10-11 01:59:03
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 08:31:53
prion
prion
Cross site scripting
2015-10-11 01:59:00
osv
osv
Cross-Site Scripting in dojo
2020-09-11 21:18:05
ubuntucve
ubuntucve
CVE-2015-5654
2015-10-11 00:00:00
nodejs
nodejs
Cross-Site Scripting
2019-06-17 14:14:37
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.4%
Related for CVE-2015-5654