CVE-2010-2276
Summary
| CVE | CVE-2010-2276 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-06-15 14:30:01 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact via a request to a (1) test or (2) demo component. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dojotoolkit | Dojo | 0.4.0 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.4.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.4.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.4.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.0 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.0.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.0.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.1.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.2.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.2.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.2.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.3.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.3.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.4 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.4.1 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| LO50958: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| IBM Fix List and installation instructions for Lotus Connections 2.5.0 Fix Pack 2 (2.5.0.2) - United States | af854a3a-2127-422b-91ae-364da2661108 | www-01.ibm.com | |
| LO50833: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| IBM notice: The page you requested cannot be displayed | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Vendor Advisory |
| LO50856: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| Dojo Toolkit Redirection Weaknesses and Cross-Site Scripting - Advisories - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| LO50896: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| IBM Lotus Connections Multiple Vulnerabilities - Advisories - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| LO50849: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| LO50994: DOJO SECURITY PATCH AFFECTING DOJO 1.1.1, 1.1.0 AND 1.2.3 | af854a3a-2127-422b-91ae-364da2661108 | www-1.ibm.com | |
| Page not found | The Dojo Toolkit Blog | af854a3a-2127-422b-91ae-364da2661108 | dojotoolkit.org | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.