Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

dojo toolkit dojo toolkit vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2007-2376
The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the...
Dojo Toolkit Dojo Toolkit
4.3
CVSSv2
CVE-2010-2275
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.
Dojotoolkit Dojo 0.4.1Dojotoolkit Dojo 0.2.0Dojotoolkit Dojo 0.2.1Dojotoolkit Dojo 1.1Dojotoolkit Dojo 1.1.1Dojotoolkit Dojo 0.3.0Dojotoolkit Dojo 1.0.2Dojotoolkit Dojo 1.3.1Dojotoolkit Dojo 1.3Dojotoolkit Dojo 1.2.3Dojotoolkit Dojo 0.9.0Dojotoolkit Dojo 1.2.2Dojotoolkit DojoDojotoolkit Dojo 0.4.2Dojotoolkit Dojo 1.3.2Dojotoolkit Dojo 1.2.1Dojotoolkit Dojo 1.2Dojotoolkit Dojo 0.2.2Dojotoolkit Dojo 0.4.0Dojotoolkit Dojo 0.1.0Dojotoolkit Dojo 1.4Dojotoolkit Dojo 0.4.3
4.3
CVSSv2
CVE-2010-2273
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly relat...
Dojotoolkit Dojo 1.0Dojotoolkit Dojo 1.2.1Dojotoolkit Dojo 1.2.2Dojotoolkit Dojo 1.2.3Dojotoolkit Dojo 1.3Dojotoolkit Dojo 1.0.1Dojotoolkit Dojo 1.1Dojotoolkit Dojo 1.2Dojotoolkit Dojo 1.3.1Dojotoolkit Dojo 1.4Dojotoolkit Dojo 1.0.2Dojotoolkit Dojo 1.1.1Dojotoolkit Dojo 1.3.2Dojotoolkit Dojo 1.4.1
4.3
CVSSv2
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
4.3
CVSSv2
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
7.5
CVSSv2
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit DojoDebian Debian Linux 8.0
5
CVSSv2
CVE-2010-4600
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 and 7.1.2.x prior to 7.1.2.1, allows remote malicious users to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Dojofoundation Dojo ToolkitIbm Rational Clearquest 7.1.2Ibm Rational Clearquest 7.1.1.1Ibm Rational Clearquest 7.1.1.2Ibm Rational Clearquest 7.1.1.3
4.3
CVSSv2
CVE-2014-8917
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used i...
Ibm Social Media AnalyticsIbm Financial Transaction Manager 2.1.0.2Ibm Financial Transaction Manager 2.1.1.1Ibm Financial Transaction Manager 2.1.0.0Ibm Financial Transaction Manager 2.1.0.1Ibm Financial Transaction Manager 2.0.0.2Ibm Financial Transaction Manager 2.0.0.3Ibm Financial Transaction Manager For Check Services 2.1.1.8Ibm Financial Transaction Manager For Corporate Payment Services 2.1.1.0Ibm Financial Transaction Manager 2.0.0.0Ibm Financial Transaction Manager 2.0.0.1Ibm Financial Transaction Manager 2.1.1.0Ibm Financial Transaction Manager 3.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook