0.001 Low
EPSS
Percentile
34.2%
dijit is vulnerable to cross-site scripting (XSS) attacks. Attackers can execute arbitrary webscript through the onload attributes of SVG elements.
github.com/dojo/dijit/commit/9bed588a5439d27958ea49196ff5ac6ec95539c8
github.com/dojo/dijit/pull/146
github.com/imsebao/404team/blob/master/dijit_editor_xss.md