Description
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Remediation
References
https://dojotoolkit.org/blog/dojo-1-14-released
https://github.com/dojo/dojox/pull/283
https://lists.debian.org/debian-lts-announce/2018/09/msg00002.html
Related Vulnerabilities
CVE-2015-7520 Vulnerability in maven package org.apache.wicket:wicket-core
CVE-2022-23107 Vulnerability in maven package io.jenkins.plugins:warnings-ng
CVE-2011-2204 Vulnerability in maven package tomcat:catalina
CVE-2018-1000600 Vulnerability in maven package com.coravy.hudson.plugins.github:github
CVE-2020-2162 Vulnerability in maven package org.jenkins-ci.main:jenkins-core