EUVD-2007-2371

Malware in sbrugna...

dojo 安全漏洞

dojo is a JavaScript toolkit that contains utilities, UI components, and more. A security vulnerability exists in dojo that stems from the software's susceptibility to Prototype contamination via the setObject function...

UBUNTU-CVE-2018-1000665

Dojo Dojo Objective Harness DOH version prior to version 1.14 contains a Cross Site Scripting XSS vulnerability in unit.html and testsDOH/base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliv...

CVE-2010-2274

Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to...

CVE-2010-2272

Unspecified vulnerability in iframehistory.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors...

CVE-2010-2273

Summary: CVE-2010-2273 describes multiple cross-site scripting vulnerabilities in Dojo across several major 1.0.x–1.4.x branches. The flaws allow remote attackers to inject arbitrary script or HTML via unspecified vectors, with potential references to files such as dojo/resources/iframe_history.h...

CVE-2007-2376

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

Design/Logic Flaw

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2376

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

PT-2007-3709 · Dojo Foundation · Dojo

Name of the Vulnerable Software and Affected Versions: Dojo framework affected versions not specified Description: The issue concerns the exchange of data using JavaScript Object Notation JSON without proper protection, allowing remote attackers to obtain the data. This is achieved through a web...