Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nodejsUnknownNODEJS:973
HistoryJun 17, 2019 - 2:14 p.m.

Cross-Site Scripting

2019-06-1714:14:37
Unknown
www.npmjs.com
39

EPSS

0.003

Percentile

65.3%

JSON

Overview

Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim’s browser.

Recommendation

Upgrade to version 1.2.0 or later.

References

Related

cvelist 1
github 1
ibm 3
ubuntucve 1
jvn 1
debiancve 1
cve 1
nvd 1
prion 1
veracode 1
osv 1
cvelist
cvelist
CVE-2015-5654
2015-10-11 01:00:00
github
github
Cross-Site Scripting in dojo
2020-09-11 21:18:05
ibm
ibm
Security Bulletin: Fix available for Security Vulnerability in IBM WebSphere Portal (CVE-2015-5654)
2021-12-03 13:59:19
Security Bulletin: Vulnerability in Open Source Dojo ToolKit affects IBM Social Media Analytics (CVE- 2015-5654)
2018-06-15 22:44:20
Security Bulletin: Vulnerability in Dojo Toolkit affects IBM MQ Light (CVE-2015-5654)
2018-06-15 07:04:20
ubuntucve
ubuntucve
CVE-2015-5654
2015-10-11 00:00:00
jvn
jvn
JVN#13456571: Dojo Toolkit vulnerable to cross-site scripting
2015-10-09 00:00:00
debiancve
debiancve
CVE-2015-5654
2015-10-11 01:59:03
cve
cve
CVE-2015-5654
2015-10-11 01:59:03
nvd
nvd
CVE-2015-5654
2015-10-11 01:59:03
prion
prion
Cross site scripting
2015-10-11 01:59:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 08:31:53
osv
osv
Cross-Site Scripting in dojo
2020-09-11 21:18:05

EPSS

0.003

Percentile

65.3%

JSON
Related for NODEJS:973
cvelist1github1ibm3ubuntucve1jvn1debiancve1cve1nvd1prion1veracode1osv1