Vulnerabilities (CVE)

Filtered by vendor Dojo Toolkit Subscribe
Filtered by product Dojo Toolkit
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2376 1 Dojo Toolkit 1 Dojo Toolkit 2024-02-28 5.0 MEDIUM N/A
The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."