Dojo@* Security Vulnerabilities and Issues — Dojo@* CVE List

Lucene search

DojotoolkitDojo*

5 matches found

CVE•added 2018/08/18 2:29 a.m.•768 views

CVE-2018-15494

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.

9.8CVSS9.4AI score0.0064EPSS

CVE•added 2018/09/06 5:29 p.m.•146 views

CVE-2018-1000665

Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - d...

6.1CVSS5.8AI score0.00158EPSS

CVE•added 2010/06/15 2:30 p.m.•74 views

CVE-2010-2275

Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.

4.3CVSS5.7AI score0.15953EPSS

CVE•added 2015/10/11 1:59 a.m.•65 views

CVE-2015-5654

Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.5AI score0.00297EPSS

CVE•added 2009/04/09 3:8 p.m.•60 views

CVE-2008-6681

Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element.

4.3CVSS5.8AI score0.00285EPSS