Lucene search
Adam BixbyEDB-ID:33765HistoryMar 15, 2010 - 12:00 a.m.
Dojo Toolkit 1.4.1 - '/doh/runner.html' Multiple Cross-Site Scripting Vulnerabilities
2010-03-1500:00:00
Adam Bixby
www.exploit-db.com
18
source: https://www.securityfocus.com/bid/38739/info
Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to Dojo 1.4.2 are vulnerable.
http://www.example.com/util/doh/runner.html?dojoUrl='/>foo</script><'"<script>alert(/xss/)</script>Related
debiancve
debiancve
CVE-2010-2273
2010-06-15 14:30:01
cvelist
cvelist
CVE-2010-2273
2010-06-14 19:00:00
github
github
Cross-Site Scripting in dojo
2019-09-11 23:02:57
cve
cve
CVE-2010-2273
2010-06-15 14:30:01
ubuntucve
ubuntucve
CVE-2010-2273
2010-06-15 00:00:00
osv
osv
Cross-Site Scripting in dojo
2019-09-11 23:02:57
ibm
ibm
nodejs
nodejs
Cross-Site Scripting
2019-06-17 13:46:50
prion
prion
Cross site scripting
2010-06-15 14:30:00
nvd
nvd
CVE-2010-2273
2010-06-15 14:30:01
openvas
openvas
FreeBSD Ports: ZendFramework
2010-04-21 00:00:00
FreeBSD Ports: ZendFramework
2010-04-21 00:00:00
FreeBSD Ports: dojo
2010-04-21 00:00:00