vulnerability
Ubuntu: USN-7569-1 (CVE-2020-4051): Dojo vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Jun 15, 2020 | Jun 17, 2025 | Aug 18, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Jun 15, 2020
Added
Jun 17, 2025
Modified
Aug 18, 2025
Description
In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. This has been fixed in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, 1.16.3.
Solutions
ubuntu-pro-upgrade-libjs-dojo-coreubuntu-pro-upgrade-libjs-dojo-dijitubuntu-pro-upgrade-libjs-dojo-dojoxubuntu-pro-upgrade-shrinksafe
References
- CVE-2020-4051
- https://attackerkb.com/topics/CVE-2020-4051
- CWE-79
- UBUNTU-USN-7569-1
- URL-https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301
- URL-https://github.com/dojo/dijit/security/advisories/GHSA-cxjc-r2fp-7mq6
- URL-https://ubuntu.com/security/notices/USN-7569-1
- URL-https://www.cve.org/CVERecord?id=CVE-2020-4051
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.