CVE-2010-2273

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2010-2273

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2010-2273.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2010-2273

Aliases

GHSA-536q-8gxx-m782

Downstream

DEBIAN-CVE-2010-2273

Published

2010-06-15T14:30:01Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, and util/buildscripts/jslib/buildUtil.js, as demonstrated by the (1) dojoUrl and (2) testUrl parameters to util/doh/runner.html.

References

CVE-2010-2273

Affected packages