Lucene search
BixNODEJS:972HistoryJun 17, 2019 - 1:46 p.m.
Cross-Site Scripting
2019-06-1713:46:50
bix
www.npmjs.com
20
0.042 Low
EPSS
Percentile
92.3%
Overview
Versions of dojo prior to 1.4.2 are vulnerable to DOM-based Cross-Site Scripting (XSS). The package does not sanitize URL parameters in the _testCommon.js and runner.html test files, allowing attackers to execute arbitrary JavaScript in the victim’s browser.
Recommendation
Upgrade to version 1.4.2 or later.
References
Related
debiancve
debiancve
CVE-2010-2273
2022-10-03 16:21:09
cve
cve
CVE-2010-2273
2022-10-03 16:21:09
cvelist
cvelist
CVE-2010-2273
2022-10-03 16:21:09
github
github
Cross-Site Scripting in dojo
2019-09-11 23:02:57
prion
prion
Cross site scripting
2010-06-15 14:30:00
ibm
ibm
ubuntucve
ubuntucve
CVE-2010-2273
2010-06-15 00:00:00
osv
osv
Cross-Site Scripting in dojo
2019-09-11 23:02:57
nvd
nvd
CVE-2010-2273
2010-06-15 14:30:01
openvas
openvas
FreeBSD Ports: ZendFramework
2010-04-21 00:00:00
FreeBSD Ports: ZendFramework
2010-04-21 00:00:00
FreeBSD Ports: dojo
2010-04-21 00:00:00