← Back to CVE List

CVE-2019-10785

Published: 2020-02-13T17:15Z
Last Modified: 2024-11-21T04:19Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt