GHSA-mmjh-45vj-hfvf

Suggest an improvement
Source
https://github.com/advisories/GHSA-mmjh-45vj-hfvf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mmjh-45vj-hfvf/GHSA-mmjh-45vj-hfvf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-mmjh-45vj-hfvf
Aliases
  • CVE-2010-2274
Published
2022-05-17T05:50:10Z
Modified
2024-02-18T05:23:53.124652Z
Summary
Dojo Open Redirect vulnerability
Details

Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.

References

Affected packages

Maven / org.dojotoolkit:dojo

Package

Name
org.dojotoolkit:dojo
View open source insights on deps.dev
Purl
pkg:maven/org.dojotoolkit/dojo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.0.0
Fixed
1.0.3

Maven / org.dojotoolkit:dojo

Package

Name
org.dojotoolkit:dojo
View open source insights on deps.dev
Purl
pkg:maven/org.dojotoolkit/dojo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.1.0
Fixed
1.1.2

Affected versions

1.*

1.1.1

Maven / org.dojotoolkit:dojo

Package

Name
org.dojotoolkit:dojo
View open source insights on deps.dev
Purl
pkg:maven/org.dojotoolkit/dojo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.2.0
Fixed
1.2.4

Affected versions

1.*

1.2.0
1.2.3

Maven / org.dojotoolkit:dojo

Package

Name
org.dojotoolkit:dojo
View open source insights on deps.dev
Purl
pkg:maven/org.dojotoolkit/dojo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.3.0
Fixed
1.3.3

Affected versions

1.*

1.3.0
1.3.1
1.3.2

Maven / org.dojotoolkit:dojo

Package

Name
org.dojotoolkit:dojo
View open source insights on deps.dev
Purl
pkg:maven/org.dojotoolkit/dojo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.4.0
Fixed
1.4.2