dijit editor cross-site scripting vulnerability
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Aug 28, 2023
Description
Published by the National Vulnerability Database
Feb 2, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Aug 28, 2023
Last updated
Aug 28, 2023
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
References