Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dojo toolkit dojo toolkit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2376
The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the...
Dojo Toolkit Dojo Toolkit
NA
CVE-2010-2275
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 0.4.3
Dojotoolkit Dojo
Dojotoolkit Dojo 0.3.1
Dojotoolkit Dojo 0.2.2
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 0.3.0
Dojotoolkit Dojo 0.9.0
Dojotoolkit Dojo 0.4.0
Dojotoolkit Dojo 0.4.1
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 0.1.0
Dojotoolkit Dojo 0.4.2
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 0.2.0
1 EDB exploit
NA
CVE-2010-2273
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly relat...
Dojotoolkit Dojo 1.2.1
Dojotoolkit Dojo 1.1
Dojotoolkit Dojo 1.3.2
Dojotoolkit Dojo 1.0.1
Dojotoolkit Dojo 1.2.3
Dojotoolkit Dojo 1.0
Dojotoolkit Dojo 1.3.1
Dojotoolkit Dojo 1.0.2
Dojotoolkit Dojo 1.1.1
Dojotoolkit Dojo 1.3
Dojotoolkit Dojo 1.4.1
Dojotoolkit Dojo 1.2.2
Dojotoolkit Dojo 1.2
Dojotoolkit Dojo 1.4
1 EDB exploit
NA
CVE-2010-4600
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 and 7.1.2.x prior to 7.1.2.1, allows remote malicious users to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Dojofoundation Dojo Toolkit
Ibm Rational Clearquest 7.1.1.1
Ibm Rational Clearquest 7.1.1.2
Ibm Rational Clearquest 7.1.1.3
Ibm Rational Clearquest 7.1.2
NA
CVE-2015-5654
Cross-site scripting (XSS) vulnerability in Dojo Toolkit prior to 1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dojotoolkit Dojo
6.1
CVSSv3
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
9.8
CVSSv3
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit Dojo
Debian Debian Linux 8.0
NA
CVE-2014-8917
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used i...
Ibm Social Media Analytics
Ibm Financial Transaction Manager 2.0.0.2
Ibm Financial Transaction Manager 2.0.0.0
Ibm Financial Transaction Manager 2.1.1.0
Ibm Financial Transaction Manager 2.1.0.2
Ibm Financial Transaction Manager For Check Services 2.1.1.8
Ibm Financial Transaction Manager 2.1.1.1
Ibm Financial Transaction Manager For Corporate Payment Services 2.1.1.0
Ibm Financial Transaction Manager 2.0.0.3
Ibm Financial Transaction Manager 2.1.0.0
Ibm Financial Transaction Manager 3.0.0.0
Ibm Financial Transaction Manager 2.1.0.1
Ibm Financial Transaction Manager 2.0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started