2 matches found
Security Bulletin: There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2021-23450, CVE-2008-6681, CVE-2010-2273)
Summary There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. CWE:CWE-1321: Improperly...
CVE-2008-6681
CVE-2008-6681 corresponds to a cross-site scripting vulnerability in the Dojo toolkit, specifically in dojo/dijit.Editor components pre-1.1. The issue allows remote attackers to inject arbitrary script or HTML via XML entities entered in a TEXTAREA, with the root cause tied to insufficient input ...