Skip to content

Commit

Permalink
Fixes #460
Browse files Browse the repository at this point in the history
  • Loading branch information
@eoftedal
eoftedal committed Nov 19, 2024
1 parent 32079d2 commit f3f5365
Show file tree
Hide file tree
Showing 5 changed files with 69 additions and 69 deletions.
2 changes: 1 addition & 1 deletion repository/jsrepository-master.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2067,7 +2067,7 @@
{
"ranges": [
{
"below": "1.9.1"
"below": "1.2.0"
}
],
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
Expand Down
34 changes: 17 additions & 17 deletions repository/jsrepository-v2.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2642,6 +2642,23 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.2.0",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.2",
"below": "1.2.4",
Expand Down Expand Up @@ -2736,23 +2753,6 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.9.1",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.10.0",
"below": "1.10.10",
Expand Down
34 changes: 17 additions & 17 deletions repository/jsrepository-v3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2712,6 +2712,23 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.2.0",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.2",
"below": "1.2.4",
Expand Down Expand Up @@ -2806,23 +2823,6 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.9.1",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.10.0",
"below": "1.10.10",
Expand Down
34 changes: 17 additions & 17 deletions repository/jsrepository-v4.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2711,6 +2711,23 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.2.0",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.2",
"below": "1.2.4",
Expand Down Expand Up @@ -2805,23 +2822,6 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.9.1",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.10.0",
"below": "1.10.10",
Expand Down
34 changes: 17 additions & 17 deletions repository/jsrepository.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2623,6 +2623,23 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.2.0",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.2",
"below": "1.2.4",
Expand Down Expand Up @@ -2717,23 +2734,6 @@
"https://github.com/dojo/dojo/pull/307"
]
},
{
"below": "1.9.1",
"severity": "medium",
"cwe": [
"CWE-79"
],
"identifiers": {
"summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.",
"CVE": [
"CVE-2015-5654"
],
"githubID": "GHSA-p82g-2xpp-m5r3"
},
"info": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5654"
]
},
{
"atOrAbove": "1.10.0",
"below": "1.10.10",
Expand Down

0 comments on commit f3f5365

Please sign in to comment.