Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dojotoolkit dojo vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit Dojo
Debian Debian Linux 8.0
6.1
CVSSv3
CVE-2018-1000665
Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js in the DOH that can result in Victim attacked throug...
Dojotoolkit Dojo
6.1
CVSSv3
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
NA
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
NA
CVE-2010-2272
Unspecified vulnerability in iframe_history.html in Dojo 0.4.x prior to 0.4.4 has unknown impact and remote attack vectors.
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.4.3
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.4.2
NA
CVE-2010-2274
Multiple open redirect vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vecto...
Dojotoolkit Dojo 1.4.1
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.4
NA
CVE-2010-2276
The default configuration of the build process in Dojo 0.4.x prior to 0.4.4, 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote malicious ...
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.4.2
Dojotoolkit Dojo 0.4.3
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.4.1
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.4
NA
CVE-2010-2273
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly relat...
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.4.1
1 EDB exploit
NA
CVE-2010-2275
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.2.0
Dojotoolkit Dojo 0.2.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 0.3.0
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 0.9.0
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo
Dojotoolkit Dojo 0.4.2
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 0.2.2
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.1.0
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 0.4.3
1 EDB exploit
NA
CVE-2007-6726
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
Apache Struts 2.0.9
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »