Homepage

org.dojotoolkit:dojo@1.2.0 vulnerabilities

  • latest version

    1.17.3

  • latest non vulnerable version

    1.17.3

  • first published

    15 years ago

  • latest version published

    2 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.dojotoolkit:dojo package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    URL Redirection to Untrusted Site ('Open Redirect')

    org.dojotoolkit:dojo is a foundation package for the Dojo 1 Toolkit. While still being maintained, new development is primarily focused on modern Dojo.

    Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') due to improper validation of user-supplied input in multiple components. An attacker can redirect users to arbitrary web sites and conduct phishing attacks by manipulating unspecified vectors, possibly related to iframe_history.html, FLAudio.js, FLVideo.js, audio.swf, video.swf, build.js, buildUtil.js, and runner.html.

    How to fix URL Redirection to Untrusted Site ('Open Redirect')?

    Upgrade org.dojotoolkit:dojo to version 1.3.3 or higher.

    [,1.3.3)
    • M
    Cross-site Scripting (XSS)

    no desc

    [,1.14.0)
    • M
    Cross-site Scripting (XSS)

    no desc

    [,1.10.10)[1.11.0,1.11.6)[1.12.0,1.12.4)[1.13.0,1.13.1)
    Go back to all versions of this package