Known Vulnerabilities for Dojo by Dojotoolkit
Listed below are 10 of the newest known vulnerabilities associated with "Dojo" by "Dojotoolkit".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-1000665 | Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.h... | 6.1 - MEDIUM | 2018-09-06 | 2018-11-07 |
| CVE-2018-15494 | In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. | 9.8 - CRITICAL | 2018-08-18 | 2020-08-24 |
| CVE-2018-6561 | dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element. | 6.1 - MEDIUM | 2018-02-02 | 2018-02-15 |
| CVE-2015-5654 | Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or... | 4.3 - MEDIUM | 2015-10-11 | 2016-12-06 |
| CVE-2010-2276 | The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x befo... | 10 - HIGH | 2010-06-15 | 2010-06-16 |
| CVE-2010-2275 | Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attacke... | 4.3 - MEDIUM | 2010-06-15 | 2010-06-16 |
| CVE-2010-2274 | Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3... | 4.3 - MEDIUM | 2010-06-15 | 2010-06-17 |
| CVE-2010-2273 | Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x... | 4.3 - MEDIUM | 2010-06-15 | 2010-06-16 |
| CVE-2010-2272 | Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors. | 10 - HIGH | 2010-06-15 | 2010-06-16 |
| CVE-2008-6681 | Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web s... | 4.3 - MEDIUM | 2009-04-09 | 2017-08-17 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dojotoolkit | Dojo | 1.9.11 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.8.14 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.7.12 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.6.5 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.5.6 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.4.8 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.3.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.2.4 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.14 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.13.0 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.12.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.11.5 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.10.9 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.1.2 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.1.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 1.0.3 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.9.0 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.4.4 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.3.1 | All | All | All |
| Application | Dojotoolkit | Dojo | 0.2.2 | All | All | All |