Bugzilla – Bug 949949
VUL-0: CVE-2015-5654: dojo: Cross-site scripting (XSS) vulnerability
Last modified: 2015-10-12 09:11:40 UTC
Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5654 http://www.cvedetails.com/cve/CVE-2015-5654/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5654 http://jvndb.jvn.jp/jvndb/JVNDB-2015-000153 http://jvn.jp/en/jp/JVN13456571/index.html
Does not affect the dojo version shipped in SLE 11. Not in openSUSE.