9 matches found
dijit editor cross-site scripting vulnerability
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
Cross-Site Scripting in dojo
Affected versions of dojo are susceptible to a cross-site scripting vulnerability in the dijit.Editor and textarea components, which execute their contents as Javascript, even when sanitized. Recommendation Update to version 1.1.0 or later...
GHSA-39CX-XCWJ-3RC4 Cross-Site Scripting in dojo
Affected versions of dojo are susceptible to a cross-site scripting vulnerability in the dijit.Editor and textarea components, which execute their contents as Javascript, even when sanitized. Recommendation Update to version 1.1.0 or later...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
Cross site scripting
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2018-6561
CVE-2018-6561 affects dojo-dijit.Editor in Dojo Toolkit 1.13, enabling cross-site scripting via the onload attribute of an SVG element. The IBM/OSV records confirm the vulnerability details, including the XSS risk in Dijit.Editor and a base score of 6.1 (IBM X-Force vector: CVSS3.0), with exploit...
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element...
CVE-2008-6681
CVE-2008-6681 corresponds to a cross-site scripting vulnerability in the Dojo toolkit, specifically in dojo/dijit.Editor components pre-1.1. The issue allows remote attackers to inject arbitrary script or HTML via XML entities entered in a TEXTAREA, with the root cause tied to insufficient input ...