Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-P82G-2XPP-M5R3
HistorySep 11, 2020 - 9:18 p.m.

Cross-Site Scripting in dojo

2020-09-1121:18:05
Google
osv.dev
53

0.003 Low

EPSS

Percentile

65.5%

JSON

Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim’s browser.

Recommendation

Upgrade to version 1.2.0 or later.

CPENameOperatorVersion
dojolt1.9.1

Related

cvelist 1
github 1
jvn 1
debiancve 1
ibm 3
nvd 1
cve 1
ubuntucve 1
nodejs 1
veracode 1
prion 1
cvelist
cvelist
CVE-2015-5654
2015-10-11 01:00:00
github
github
Cross-Site Scripting in dojo
2020-09-11 21:18:05
jvn
jvn
JVN#13456571: Dojo Toolkit vulnerable to cross-site scripting
2015-10-09 00:00:00
debiancve
debiancve
CVE-2015-5654
2015-10-11 01:59:03
ibm
ibm
Security Bulletin: Vulnerability in Open Source Dojo ToolKit affects IBM Social Media Analytics (CVE- 2015-5654)
2018-06-15 22:44:20
Security Bulletin: Fix available for Security Vulnerability in IBM WebSphere Portal (CVE-2015-5654)
2021-12-03 13:59:19
Security Bulletin: Vulnerability in Dojo Toolkit affects IBM MQ Light (CVE-2015-5654)
2018-06-15 07:04:20
nvd
nvd
CVE-2015-5654
2015-10-11 01:59:03
cve
cve
CVE-2015-5654
2015-10-11 01:59:03
ubuntucve
ubuntucve
CVE-2015-5654
2015-10-11 00:00:00
nodejs
nodejs
Cross-Site Scripting
2019-06-17 14:14:37
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 08:31:53
prion
prion
Cross site scripting
2015-10-11 01:59:00

0.003 Low

EPSS

Percentile

65.5%

JSON
Related for OSV:GHSA-P82G-2XPP-M5R3
cvelist1github1jvn1debiancve1ibm3nvd1cve1ubuntucve1nodejs1veracode1prion1