diff --git a/repository/jsrepository-master.json b/repository/jsrepository-master.json index 7b5b0058..63296ef8 100644 --- a/repository/jsrepository-master.json +++ b/repository/jsrepository-master.json @@ -2067,7 +2067,7 @@ { "ranges": [ { - "below": "1.9.1" + "below": "1.2.0" } ], "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", diff --git a/repository/jsrepository-v2.json b/repository/jsrepository-v2.json index 07b76399..9d66d661 100644 --- a/repository/jsrepository-v2.json +++ b/repository/jsrepository-v2.json @@ -2642,6 +2642,23 @@ "https://github.com/dojo/dojo/pull/307" ] }, + { + "below": "1.2.0", + "severity": "medium", + "cwe": [ + "CWE-79" + ], + "identifiers": { + "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", + "CVE": [ + "CVE-2015-5654" + ], + "githubID": "GHSA-p82g-2xpp-m5r3" + }, + "info": [ + "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" + ] + }, { "atOrAbove": "1.2", "below": "1.2.4", @@ -2736,23 +2753,6 @@ "https://github.com/dojo/dojo/pull/307" ] }, - { - "below": "1.9.1", - "severity": "medium", - "cwe": [ - "CWE-79" - ], - "identifiers": { - "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", - "CVE": [ - "CVE-2015-5654" - ], - "githubID": "GHSA-p82g-2xpp-m5r3" - }, - "info": [ - "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" - ] - }, { "atOrAbove": "1.10.0", "below": "1.10.10", diff --git a/repository/jsrepository-v3.json b/repository/jsrepository-v3.json index a1a6fbb5..4e4f3a39 100644 --- a/repository/jsrepository-v3.json +++ b/repository/jsrepository-v3.json @@ -2712,6 +2712,23 @@ "https://github.com/dojo/dojo/pull/307" ] }, + { + "below": "1.2.0", + "severity": "medium", + "cwe": [ + "CWE-79" + ], + "identifiers": { + "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", + "CVE": [ + "CVE-2015-5654" + ], + "githubID": "GHSA-p82g-2xpp-m5r3" + }, + "info": [ + "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" + ] + }, { "atOrAbove": "1.2", "below": "1.2.4", @@ -2806,23 +2823,6 @@ "https://github.com/dojo/dojo/pull/307" ] }, - { - "below": "1.9.1", - "severity": "medium", - "cwe": [ - "CWE-79" - ], - "identifiers": { - "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", - "CVE": [ - "CVE-2015-5654" - ], - "githubID": "GHSA-p82g-2xpp-m5r3" - }, - "info": [ - "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" - ] - }, { "atOrAbove": "1.10.0", "below": "1.10.10", diff --git a/repository/jsrepository-v4.json b/repository/jsrepository-v4.json index 296b7041..7a74d6e5 100644 --- a/repository/jsrepository-v4.json +++ b/repository/jsrepository-v4.json @@ -2711,6 +2711,23 @@ "https://github.com/dojo/dojo/pull/307" ] }, + { + "below": "1.2.0", + "severity": "medium", + "cwe": [ + "CWE-79" + ], + "identifiers": { + "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", + "CVE": [ + "CVE-2015-5654" + ], + "githubID": "GHSA-p82g-2xpp-m5r3" + }, + "info": [ + "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" + ] + }, { "atOrAbove": "1.2", "below": "1.2.4", @@ -2805,23 +2822,6 @@ "https://github.com/dojo/dojo/pull/307" ] }, - { - "below": "1.9.1", - "severity": "medium", - "cwe": [ - "CWE-79" - ], - "identifiers": { - "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", - "CVE": [ - "CVE-2015-5654" - ], - "githubID": "GHSA-p82g-2xpp-m5r3" - }, - "info": [ - "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" - ] - }, { "atOrAbove": "1.10.0", "below": "1.10.10", diff --git a/repository/jsrepository.json b/repository/jsrepository.json index 611d2ba2..8eefbae5 100644 --- a/repository/jsrepository.json +++ b/repository/jsrepository.json @@ -2623,6 +2623,23 @@ "https://github.com/dojo/dojo/pull/307" ] }, + { + "below": "1.2.0", + "severity": "medium", + "cwe": [ + "CWE-79" + ], + "identifiers": { + "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", + "CVE": [ + "CVE-2015-5654" + ], + "githubID": "GHSA-p82g-2xpp-m5r3" + }, + "info": [ + "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" + ] + }, { "atOrAbove": "1.2", "below": "1.2.4", @@ -2717,23 +2734,6 @@ "https://github.com/dojo/dojo/pull/307" ] }, - { - "below": "1.9.1", - "severity": "medium", - "cwe": [ - "CWE-79" - ], - "identifiers": { - "summary": "Versions of dojo prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.", - "CVE": [ - "CVE-2015-5654" - ], - "githubID": "GHSA-p82g-2xpp-m5r3" - }, - "info": [ - "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" - ] - }, { "atOrAbove": "1.10.0", "below": "1.10.10",