Lucene search
MitreCVELIST:CVE-2018-1000665HistoryOct 03, 2022 - 4:21 p.m.
CVE-2018-1000665
2022-10-0316:21:59
mitre
www.cve.org
dojo objective harness
cross site scripting
xss
vulnerability
browser attack
http cookies
cors trust
exploitable
Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliver malware, steal HTTP cookies, bypass CORS trust. This attack appear to be exploitable via Victims are typically lured to a web site under the attacker’s control; the XSS vulnerability on the target domain is silently exploited without the victim’s knowledge. This vulnerability appears to have been fixed in 1.14.
Related
redhatcve
redhatcve
CVE-2018-1000665
2018-09-06 21:19:01
osv
osv
Improper Neutralization of Input During Web Page Generation in Dojo Dojo Objective Harness
2022-05-14 02:01:21
CVE-2018-1000665
2018-09-06 17:29:01
ubuntucve
ubuntucve
CVE-2018-1000665
2018-09-06 00:00:00
nvd
nvd
CVE-2018-1000665
2018-09-06 17:29:01
debiancve
debiancve
CVE-2018-1000665
2022-10-03 16:21:59
cve
cve
CVE-2018-1000665
2022-10-03 16:21:59
veracode
veracode
Cross-Site Scripting (XSS)
2018-09-24 05:46:32
prion
prion
Cross site scripting
2018-09-06 17:29:00
github
github
