Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dojo toolkit dojo toolkit vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-2376
The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the...
Dojo Toolkit Dojo Toolkit
435
VMScore
CVE-2010-2275
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 0.2.0
Dojotoolkit Dojo 0.2.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 0.3.0
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 0.9.0
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo
Dojotoolkit Dojo 0.4.2
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 0.2.2
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.1.0
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 0.4.3
1 EDB exploit
435
VMScore
CVE-2010-2273
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly relat...
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.4
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.4.1
1 EDB exploit
383
VMScore
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
383
VMScore
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
668
VMScore
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit Dojo
Debian Debian Linux 8.0
445
VMScore
CVE-2010-4600
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 and 7.1.2.x prior to 7.1.2.1, allows remote malicious users to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Dojofoundation Dojo Toolkit
Ibm Rational Clearquest 7.1.2
Ibm Rational Clearquest 7.1.1.1
Ibm Rational Clearquest 7.1.1.2
Ibm Rational Clearquest 7.1.1.3
383
VMScore
CVE-2014-8917
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used i...
Ibm Social Media Analytics
Ibm Financial Transaction Manager 2.1.0.2
Ibm Financial Transaction Manager 2.1.1.1
Ibm Financial Transaction Manager 2.1.0.0
Ibm Financial Transaction Manager 2.1.0.1
Ibm Financial Transaction Manager 2.0.0.2
Ibm Financial Transaction Manager 2.0.0.3
Ibm Financial Transaction Manager For Check Services 2.1.1.8
Ibm Financial Transaction Manager For Corporate Payment Services 2.1.1.0
Ibm Financial Transaction Manager 2.0.0.0
Ibm Financial Transaction Manager 2.0.0.1
Ibm Financial Transaction Manager 2.1.1.0
Ibm Financial Transaction Manager 3.0.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started