CVE-2010-2274
Description
Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.
Risk Information
Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.909
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo 1.0.3 | Windows |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo 1.1.2 | Windows |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo 1.2.4 | Windows |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo 1.3.3 | Windows |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo 1.4.2 | Windows |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo for Linux 1.0.3 | Linux |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo for Linux 1.1.2 | Linux |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo for Linux 1.2.4 | Linux |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo for Linux 1.3.3 | Linux |
| Vulnerabilities CVE-2010-2274 are fixed in Dojotoolkit - dojo for Linux 1.4.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234