Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts 2.0.9 |
||
dojotoolkit dojo 0.4.1 |
||
dojotoolkit dojo 0.4.2 |