Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dojo toolkit dojo toolkit vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-2376
The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the...
Dojo Toolkit Dojo Toolkit
4.3
CVSSv2
CVE-2010-2275
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.2.0
Dojotoolkit Dojo 0.2.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 0.3.0
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 0.9.0
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo
Dojotoolkit Dojo 0.4.2
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 0.2.2
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.1.0
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 0.4.3
1 EDB exploit
4.3
CVSSv2
CVE-2010-2273
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly relat...
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
4.3
CVSSv2
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
7.5
CVSSv2
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit Dojo
Debian Debian Linux 8.0
5
CVSSv2
CVE-2010-4600
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 and 7.1.2.x prior to 7.1.2.1, allows remote malicious users to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Dojofoundation Dojo Toolkit
Ibm Rational Clearquest 7.1.2
Ibm Rational Clearquest 7.1.1.1
Ibm Rational Clearquest 7.1.1.2
Ibm Rational Clearquest 7.1.1.3
4.3
CVSSv2
CVE-2014-8917
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used i...
Ibm Social Media Analytics
Ibm Financial Transaction Manager 2.1.0.2
Ibm Financial Transaction Manager 2.1.1.1
Ibm Financial Transaction Manager 2.1.0.0
Ibm Financial Transaction Manager 2.1.0.1
Ibm Financial Transaction Manager 2.0.0.2
Ibm Financial Transaction Manager 2.0.0.3
Ibm Financial Transaction Manager For Check Services 2.1.1.8
Ibm Financial Transaction Manager For Corporate Payment Services 2.1.1.0
Ibm Financial Transaction Manager 2.0.0.0
Ibm Financial Transaction Manager 2.0.0.1
Ibm Financial Transaction Manager 2.1.1.0
Ibm Financial Transaction Manager 3.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started