7 matches found
@hpcc-js/dgrid-shim (>=0.0.29 <=0.1.12), bryaktestgrid (>=0.0.1 <=0.0.6) +3 more potentially affected by CVE-2018-6561 via dijit (>=1.10.3 <=1.13.0)
dijit NPM version =1.10.3, =0.0.29, =0.0.1, =0.1.0, =1.10.3, =0.0.1, =0.5.24 Source cves: CVE-2018-6561 Source advisory: OSV:GHSA-WP32-WQ34-2RQH...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
UBUNTU-CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2018-6561
CVE-2018-6561 affects dojo-dijit.Editor in Dojo Toolkit 1.13, enabling cross-site scripting via the onload attribute of an SVG element. The IBM/OSV records confirm the vulnerability details, including the XSS risk in Dijit.Editor and a base score of 6.1 (IBM X-Force vector: CVSS3.0), with exploit...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...