Lucene search

K

GoogleOSV:GHSA-MMJH-45VJ-HFVF

HistoryMay 17, 2022 - 5:50 a.m.

Dojo Open Redirect vulnerability

2022-05-1705:50:10

Google

osv.dev

7

open redirect vulnerability

dojo

remote attackers

phishing attacks

AI Score

7.5

Confidence

Low

EPSS

0.005

Percentile

75.8%

Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.

References

dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory

www-01.ibm.com/support/docview.wss?uid=swg21431472

www-1.ibm.com/support/docview.wss?uid=swg1LO50833

www-1.ibm.com/support/docview.wss?uid=swg1LO50849

www-1.ibm.com/support/docview.wss?uid=swg1LO50856

www-1.ibm.com/support/docview.wss?uid=swg1LO50896

www-1.ibm.com/support/docview.wss?uid=swg1LO50932

www-1.ibm.com/support/docview.wss?uid=swg1LO50958

www-1.ibm.com/support/docview.wss?uid=swg1LO50994

github.com/cometd/dojo-maven

nvd.nist.gov/vuln/detail/CVE-2010-2274

web.archive.org/web/20100617172214/secunia.com/advisories/40007

web.archive.org/web/20100629020444/secunia.com/advisories/38964

AI Score

7.5

Confidence

Low

EPSS

0.005

Percentile

75.8%

Related for OSV:GHSA-MMJH-45VJ-HFVF

prion1 cve1 nvd1 cvelist1 ubuntucve1 debiancve1 github1 openvas4