PT-2020-6852 · Dijit+3 · Dijit+3
Published
2020-06-13
·
Updated
2025-06-16
·
CVE-2020-4051
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Dijit versions 1.11.0 through 1.11.10
Dijit versions 1.12.0 through 1.12.8
Dijit versions 1.13.0 through 1.13.7
Dijit versions 1.14.0 through 1.14.6
Dijit versions 1.15.0 through 1.15.3
Dijit versions 1.16.0 through 1.16.2
Description
The issue is related to a cross-site scripting vulnerability in the Editor's LinkDialog plugin. This vulnerability may allow a remote attacker to impact data integrity. The vulnerability is due to the lack of protection measures for the web page structure.
Recommendations
For Dijit versions 1.11.0 through 1.11.10, update to version 1.11.11.
For Dijit versions 1.12.0 through 1.12.8, update to version 1.12.9.
For Dijit versions 1.13.0 through 1.13.7, update to version 1.13.8.
For Dijit versions 1.14.0 through 1.14.6, update to version 1.14.7.
For Dijit versions 1.15.0 through 1.15.3, update to version 1.15.4.
For Dijit versions 1.16.0 through 1.16.2, update to version 1.16.3.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Dijit
Linuxmint
Ubuntu