466 matches found
The vulnerability of the LinkDialog plugin in the module library facilitates the development of JavaScript- or AJAX-based applications and Dojo Toolkit-powered websites. This vulnerability allows attackers to compromise data integrity.
The vulnerability of the LinkDialog plugin from the module library, which facilitates the development of JavaScript- or AJAX-based applications and Dojo Toolkit websites, is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow an attacker to...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.
Summary Multiple vulnerabilities in Dojo toolkit and jQuery version shipped with IBM WebSphere eXtreme Scale Liberty Deployment Vulnerability Details CVEID:CVE-2012-6708 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...
Security Bulletin: EBICs client of IBM Sterling B2B Integrator vulnerable to multiple issues due to Dojo Toolkit
Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities in Dojo Toolkit. Vulnerability Details CVEID:CVE-2018-15494 DESCRIPTION: Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DataGrid component. A remote...
Security Bulletin: Financial Transaction Manager for Digital Payments, High Value Payments and Corporate Payment Services are impacted by multiple vulnerabilities.
Summary The vulnerabilities addressed include code injection, information disclosure and SQL injection. Vulnerability Details CVEID:CVE-2020-5259 DESCRIPTION: Dojo dojox could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollution flaw. By injecting other...
IBM WebSphere Application Server Liberty 17.0.0.3 < 22.0.0.3 Information Disclosure (6585704)
IBM WebSphere Application Server Liberty 17.0.0.3 less than 22.0.0.3, with the adminCenter-1.0 feature configured, is vulnerable to Prototype Pollution via the setObject function in Dojo. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
IBM WebSphere Application Server 7.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.22 / 9.x < 9.0.5.12 RCE
The IBM WebSphere Application Server installed on the remote host is affected by a remote code execution vulnerability due to the Dojo package, which is vulnerable to vulnerable to Prototype Pollution via the setObject function. Note that Nessus has not tested for this issue but has instead relie...
SUSE CVE-2015-5654
Cross-site scripting XSS vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Security Bulletin: IBM CICS TX Advanced is vulnerable to arbitrary code execution due to IBM WebSphere Application Server Liberty (CVE-2021-23450)
Summary WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the arbitrary code execution vulnerability CVE-2021-23450 from Liberty. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote...
MGASA-2023-0039 Updated dojo packages fix security vulnerability
Dijit Editor's LinkDialog plugin of dojo 1.14.0 to 1.14.7 is vulnerable to cross-site scripting XSS attacks. CVE-2020-4051 Prototype pollution vulnerability via the setObject function. CVE-2021-23450...
Updated dojo packages fix security vulnerability
Dijit Editor's LinkDialog plugin of dojo 1.14.0 to 1.14.7 is vulnerable to cross-site scripting XSS attacks. CVE-2020-4051 Prototype pollution vulnerability via the setObject function. CVE-2021-23450...
Debian: Security Advisory (DLA-3289-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3289-1] dojo security update
Debian LTS Advisory DLA-3289-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin January 28, 2023 https://wiki.debian.org/LTS Package : dojo Version : 1.14.2+dfsg1-1+deb10u3 CVE ID : CVE-2020-4051 CVE-2021-23450 Debian Bug : 970000 1014785 Two vulnerabilities were...
DLA-3289-1 dojo - security update
Bulletin has no description...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution with IBM WebSphere Application Server (CVE-2021-23450).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution with IBM WebSphere Application Server CVE-2021-23450. This is used as part of the base image included in our service components. Please read the details for remediation below...
Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server
Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-20454 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML Extern...
Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server
Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2021-23450, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-25315, CVE-2022-25313, CVE-2022-25235, CVE-2022-25236,...
Security Bulletin: Vulnerabilities in IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights CVE-2021-23450
Summary Vulnerabilities in IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights CVE-2021-23450 Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in...
Security Bulletin: Potential vulnerability in Dojo affect IBM Operations Analytics - Log Analysis (CVE-2018-15494)
Summary Vulnerability in dojo allow remote attacker to access any cookies, session tokens, or other sensitive information through cross-site scripting Vulnerability Details CVEID:CVE-2018-15494 DESCRIPTION: Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of...
Security Bulletin: Netcool Operations Insight v1.6.6 contains fixes for multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.6 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the...
Security Bulletin: Enterprise Content Management System Monitor is affected by vulnerability in Dojo [CVE-2021-23450]
Summary Vulnerability found in Dojo used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE CVE-2021-23450. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary...