Lucene search
+L

12 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2020-0126)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS8AI score0.01853EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 10:33 p.m.31 views

Security Bulletin: IBM DataPower Gateway affected by XSS vulnerability (CVE-2019-10785)

Summary IBM has addressed the CVE Vulnerability Details CVEID: CVE-2019-10785 DESCRIPTION: Dojox is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dojox.xmpp.util.xmlEncode. A remote attacker could exploit this vulnerability to execute script in a...

6.1CVSS1.9AI score0.01853EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/29 5:9 a.m.32 views

Security Bulletin: IBM Tivoli Netcool Impact is affected by an IBM Dojo Toolkit vulnerability (CVE-2019-10785)

Summary IBM Tivoli Netcool Impact has addressed the following IBM Dojo Toolkit vulnerability. Vulnerability Details CVEID: CVE-2019-10785 DESCRIPTION: Dojox is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dojox.xmpp.util.xmlEncode. A remote...

6.1CVSS0.7AI score0.01853EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/03/06 4:13 p.m.5 views

MGASA-2020-0126 Updated dojo packages fix security vulnerability

Updated dojo package fixes security vulnerability: dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them CVE-2019-10785...

6.1CVSS6.2AI score0.01853EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2020/02/13 10:21 p.m.3 views

bryaktestgrid (>=0.0.1 <=0.0.6), dojo-rql (>=0.1.0 <=0.3.2) +1 more potentially affected by CVE-2019-10785 via dojox (=1.11.2)

dojox NPM version =1.11.2 is affected by a known vulnerability. The following packages have a transitive dependency on dojox and may be impacted: - bryaktestgrid =0.0.1, =0.1.0, =0.0.1, =0.5.24 Source cves: CVE-2019-10785 Source advisory: OSV:GHSA-PG97-WW7H-5MJR...

6.1CVSS6.8AI score0.01853EPSS
Exploits1
NVD
NVD
added 2020/02/13 5:15 p.m.22 views

CVE-2019-10785

dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them...

6.1CVSS6.9AI score0.01853EPSS
Exploits1References3
OSV
OSV
added 2020/02/13 5:15 p.m.25 views

CVE-2019-10785

dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them...

6.1CVSS6AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/02/13 5:15 p.m.38 views

CVE-2019-10785

dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them...

6.1CVSS6.9AI score0.01853EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/02/13 4:2 p.m.25 views

CVE-2019-10785

dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them...

6.1AI score0.01853EPSS
Exploits1References3
CVE
CVE
added 2020/02/13 4:2 p.m.130 views

CVE-2019-10785

CVE-2019-10785 affects the Dojo/Dojox component, where dojox.xmpp.util.xmlEncode only encodes the first occurrence of each character, enabling cross-site scripting in affected Dojo versions prior to 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. The connected IBM and Nessus entries corroborat...

6.1CVSS6AI score0.01853EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/02/13 4:2 p.m.30 views

CVE-2019-10785

dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them...

6.1CVSS7.6AI score0.01853EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/02/07 11:46 a.m.4 views

bryaktestgrid (>=0.0.1 <=0.0.6), dojo-rql (>=0.1.0 <=0.3.2) +1 more potentially affected by CVE-2019-10785 via dojox (=1.11.2)

dojox NPM version =1.11.2 is affected by a known vulnerability. The following packages have a transitive dependency on dojox and may be impacted: - bryaktestgrid =0.0.1, =0.1.0, =0.0.1, =0.5.24 Source cves: CVE-2019-10785 Source advisory: SNYK:JS-DOJOX-548257...

6.1CVSS6.8AI score0.01853EPSS
Exploits1
Rows per page
Query Builder