Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XSS in Dijit Editor's LinkDialog plugin
Vulnerability Description
In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. This has been fixed in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, 1.16.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Dijit 跨站脚本漏洞
Vulnerability Description
Dijit是Dojo基金会的一款使用在Dojo JavaScript中的UI库。 Dijit中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。以下产品及版本受到影响:Dijit 1.11.11之前版本,1.12.0及之后版本(1.12.9版本已修复),1.13.0及之后版本(1.13.8版本已修复),1.14.0及之后版本(1.14.7版本已修复),1.15.0及之后版本(1.15.4版本已修复),1.16.0及之后版本(1.16.3版本已修复)。
CVSS Information
N/A
Vulnerability Type
N/A