3 matches found
Security Bulletin: Fix available for Security Vulnerability in IBM WebSphere Portal (CVE-2015-5654)
Summary Security Bulletin: Fix available for Security Vulnerability in IBM WebSphere Portal CVE-2015-5654 Vulnerability Details CVEID: CVE-2015-5654 DESCRIPTION: Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could explo...
Cross-Site Scripting
Overview Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser. Recommendation Upgrade to version 1.2.0 or later. References - CVE -...
CVE-2015-5654
Dojo Toolkit (before 1.2) is vulnerable to Cross-Site Scripting (XSS) due to improper validation of user-supplied input, enabling remote attackers to inject script/HTML via unspecified vectors. Several vendor advisories confirm this CVE-2015-5654 issue and recommend upgrading Dojo to a version wi...