What is the severity of CVE-2010-2275?

CVE-2010-2275 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2010-2275?

To fix CVE-2010-2275, you should upgrade to Dojo Toolkit SDK version 1.4.2 or later.

What does CVE-2010-2275 affect?

CVE-2010-2275 affects various versions of the Dojo Toolkit SDK prior to 1.4.2.

How does CVE-2010-2275 exploit work?

CVE-2010-2275 allows attackers to inject arbitrary web script or HTML through the theme parameter.

Is CVE-2010-2275 still a risk if I use a patched version of Dojo Toolkit?

If you are using a patched version of Dojo Toolkit, CVE-2010-2275 should no longer pose a risk.

Vulnerability/
CVE-2010-2275

medium

4.3

CWE

14/6/2010

16/9/2024

CVE-2010-2275: XSS

First published: Mon Jun 14 2010(Updated: )

Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Dojo Toolkit	<=1.4.1
Dojo Toolkit	=0.1.0
Dojo Toolkit	=0.2.0
Dojo Toolkit	=0.2.1
Dojo Toolkit	=0.2.2
Dojo Toolkit	=0.3.0
Dojo Toolkit	=0.3.1
Dojo Toolkit	=0.4.0
Dojo Toolkit	=0.4.1
Dojo Toolkit	=0.4.2
Dojo Toolkit	=0.4.3
Dojo Toolkit	=0.9.0
Dojo Toolkit	=0.9.0-beta
Dojo Toolkit	=1.0
Dojo Toolkit	=1.0.1
Dojo Toolkit	=1.0.2
Dojo Toolkit	=1.1
Dojo Toolkit	=1.1.1
Dojo Toolkit	=1.2
Dojo Toolkit	=1.2.1
Dojo Toolkit	=1.2.2
Dojo Toolkit	=1.2.3
Dojo Toolkit	=1.3
Dojo Toolkit	=1.3.1
Dojo Toolkit	=1.3.2
Dojo Toolkit	=1.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2275?
CVE-2010-2275 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2010-2275?
To fix CVE-2010-2275, you should upgrade to Dojo Toolkit SDK version 1.4.2 or later.
What does CVE-2010-2275 affect?
CVE-2010-2275 affects various versions of the Dojo Toolkit SDK prior to 1.4.2.
How does CVE-2010-2275 exploit work?
CVE-2010-2275 allows attackers to inject arbitrary web script or HTML through the theme parameter.
Is CVE-2010-2275 still a risk if I use a patched version of Dojo Toolkit?
If you are using a patched version of Dojo Toolkit, CVE-2010-2275 should no longer pose a risk.

agent/type
agent/severity
agent/author
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/dojotoolkit
canonical/dojo toolkit
version/dojo toolkit/1.4.1
version/dojo toolkit/0.1.0
version/dojo toolkit/0.2.0
version/dojo toolkit/0.2.1
version/dojo toolkit/0.2.2
version/dojo toolkit/0.3.0
version/dojo toolkit/0.3.1
version/dojo toolkit/0.4.0
version/dojo toolkit/0.4.1
version/dojo toolkit/0.4.2
version/dojo toolkit/0.4.3
version/dojo toolkit/0.9.0
version/dojo toolkit/0.9.0-beta
version/dojo toolkit/1.0
version/dojo toolkit/1.0.1
version/dojo toolkit/1.0.2
version/dojo toolkit/1.1
version/dojo toolkit/1.1.1
version/dojo toolkit/1.2
version/dojo toolkit/1.2.1
version/dojo toolkit/1.2.2
version/dojo toolkit/1.2.3
version/dojo toolkit/1.3
version/dojo toolkit/1.3.1
version/dojo toolkit/1.3.2
version/dojo toolkit/1.4