Skip to main content
CVE-2018-15494 CRITICAL PATCH Act Now

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Dojo Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy