dijit is vulnerable to cross-site scripting. A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via the Editor’s LinkDialog plugin.
github.com/advisories/GHSA-cxjc-r2fp-7mq6
github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301
github.com/dojo/dijit/security/advisories/GHSA-cxjc-r2fp-7mq6
lists.debian.org/debian-lts-announce/2023/01/msg00030.html
security.netapp.com/advisory/ntap-20201023-0003/
www.oracle.com/security-alerts/cpuoct2020.html