Vulnerabilities > Linuxfoundation > Dojox > 1.11.1

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2020-5259 Injection vulnerability in Linuxfoundation Dojox
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution.
network
low complexity
linuxfoundation CWE-74
5.0
5.0
2020-02-13 CVE-2019-10785 Cross-site Scripting vulnerability in multiple products
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9.
network
low complexity
linuxfoundation debian CWE-79
6.1
6.1