NVD

Id
13753  
Name
CVE-2010-2275  
Description
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2010-06-15  
Modified Date
2010-06-16  
Seq
2010-2275  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
76499 13753 CVE-2010-2275 http://bugs.dojotoolkit.org/ticket/10773  View
76500 13753 CVE-2010-2275 http://www-01.ibm.com/support/docview.wss?uid=swg21431472  View
76501 13753 CVE-2010-2275 LO50896  View
76502 13753 CVE-2010-2275 LO50994  View
76503 13753 CVE-2010-2275 http://www.gdssecurity.com/l/b/2010/03/12/multiple-dom-based-xss-in-dojo-toolkit-sdk/  View
76504 13753 CVE-2010-2275 ADV-2010-1281  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
38359 JVNDB-2010-004144 Dojo Toolkit SDK の dijit/tests/_testCommon.js におけるクロスサイトスクリプティングの脆弱性 Dojo Toolkit SDK の dijit/tests/_testCommon.js には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-2275 44855 CVE-2010-2275 13753 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004144.html 2010-06-15 2012-06-26 View