Multiple open redirect vulnerabilities in Dojo 1.0.x prior to 1.0.3, 1.1.x prior to 1.1.2, 1.2.x prior to 1.2.4, 1.3.x prior to 1.3.3, and 1.4.x prior to 1.4.2 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dojotoolkit dojo 1.4.1 |
||
dojotoolkit dojo 1.1.1 |
||
dojotoolkit dojo 1.2 |
||
dojotoolkit dojo 1.2.1 |
||
dojotoolkit dojo 1.2.2 |
||
dojotoolkit dojo 1.2.3 |
||
dojotoolkit dojo 1.0 |
||
dojotoolkit dojo 1.0.2 |
||
dojotoolkit dojo 1.3 |
||
dojotoolkit dojo 1.3.2 |
||
dojotoolkit dojo 1.0.1 |
||
dojotoolkit dojo 1.1 |
||
dojotoolkit dojo 1.3.1 |
||
dojotoolkit dojo 1.4 |