Description
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Remediation
References
https://dojotoolkit.org/blog/dojo-1-14-released
https://github.com/dojo/dojox/pull/283
https://lists.debian.org/debian-lts-announce/2018/09/msg00002.html
Related Vulnerabilities
CVE-2023-46674 Vulnerability in maven package org.elasticsearch:elasticsearch-hadoop
CVE-2022-41929 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2021-43570 Vulnerability in maven package com.starkbank.ellipticcurve:starkbank-ecdsa
CVE-2018-16115 Vulnerability in maven package com.typesafe.akka:akka-actor_2.12
CVE-2019-1003051 Vulnerability in maven package org.jvnet.hudson.plugins:ircbot