{"id":"CVE-2020-4051","details":"In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. This has been fixed in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, 1.16.3.","aliases":["GHSA-cxjc-r2fp-7mq6"],"modified":"2026-04-02T06:09:51.615245Z","published":"2020-06-15T22:15:09.973Z","related":["GHSA-cxjc-r2fp-7mq6","MGASA-2023-0039"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20201023-0003/"},{"type":"ADVISORY","url":"https://github.com/dojo/dijit/security/advisories/GHSA-cxjc-r2fp-7mq6"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00030.html"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"type":"FIX","url":"https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dojo/dijit","events":[{"introduced":"0"},{"fixed":"a6e887fc1171ea3aceec52ec836fea1b6402d4ec"},{"introduced":"63f4731390f37d55ad841a753b6fb9c9a26f75a3"},{"fixed":"0d348b2514c1b588a2635525bc2be0b225f266ea"},{"introduced":"7fe829faac3e838c2df769f683246af2c0ce355a"},{"fixed":"df81ff5f8f04f5f4d4b2ac70e1cdb7be1a9bbc23"},{"introduced":"b7e19b19cf1982a545de8d79f2750bfeecb9a00d"},{"fixed":"1d1bf0d8dadc5095af88316bd95e5de0804c8d76"},{"introduced":"9b60132bdf1a91da00fd4a3d0a1b7f3df6e5b48a"},{"fixed":"189135bfa6677ee1ab3b35be601303db66abecc9"},{"introduced":"0be9a371d43d3cc9008554b10a0bff5efa07f667"},{"fixed":"1ed6134ba5f8bd26428becebb946cfb6d371de86"},{"fixed":"462bdcd60d0333315fe69ab4709c894d78f61301"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.11.11"},{"introduced":"1.12.0"},{"fixed":"1.12.9"},{"introduced":"1.13.0"},{"fixed":"1.13.8"},{"introduced":"1.14.0"},{"fixed":"1.14.7"},{"introduced":"1.15.0"},{"fixed":"1.15.4"},{"introduced":"1.16.0"},{"fixed":"1.16.3"}]}}],"versions":["0.0.0test","0.9.0","0.9.0beta","0.9.0rc1","1.0.0","1.0.0beta","1.0.0rc1","1.1.0","1.1.0b2","1.1.0b3","1.1.0rc1","1.1.0rc2","1.1.1","1.1.1-maven","1.1.1rc1","1.1.1rc2","1.1.2","1.1.2rc1","1.10.0","1.10.0-beta1","1.10.0-rc1","1.10.1","1.10.10","1.10.2","1.10.3","1.10.4","1.10.5","1.10.6","1.10.7","1.10.8","1.10.9","1.11.0","1.11.0-rc1","1.11.0-rc2","1.11.0-rc3","1.11.0-rc4","1.11.0-rc5","1.11.1","1.11.10","1.11.2","1.11.3","1.11.4","1.11.5","1.11.6","1.11.7","1.11.8","1.11.9","1.12.0","1.12.0-rc1","1.12.0-rc2","1.12.0-rc3","1.12.0-rc4","1.12.1","1.12.2","1.12.3","1.12.4","1.12.5","1.12.6","1.12.7","1.12.8","1.13.0","1.13.1","1.13.2","1.13.3","1.13.4","1.13.5","1.13.6","1.13.7","1.14.0","1.14.1","1.14.2","1.14.3","1.14.4","1.14.5","1.14.6","1.15.0","1.15.1","1.15.2","1.15.3","1.16.0","1.16.1","1.16.2","1.17.0","1.17.1","1.17.2","1.17.3","1.1b1","1.2.0","1.2.0b1","1.2.0b1m1rc1","1.2.0b1m2","1.2.0b1rc1m2","1.2.0b2","1.2.0rc1","1.2.0rc2","1.2.1","1.2.1rc1","1.2.1rc2","1.2.2","1.2.2rc1","1.2.3","1.2.3rc1","1.2.3rc2","1.2.4","1.3.0","1.3.0b1","1.3.0b2","1.3.0b3","1.3.0rc1","1.3.0rc2","1.3.1","1.3.1rc1","1.3.2","1.3.2rc1","1.3.2rc2","1.3.3","1.4.0","1.4.0-tc1","1.4.0b1","1.4.0b2","1.4.0rc1","1.4.0rc2","1.4.1","1.4.1rc1","1.4.2","1.4.2rc1","1.4.3","1.4.4","1.4.4rc1","1.4.5","1.4.6","1.4.7","1.4.8","1.5.0","1.5.0b1","1.5.0b2","1.5.0b3","1.5.0rc1","1.5.0rc2","1.5.0rc3","1.5.1","1.5.1rc1","1.5.2","1.5.2rc1","1.5.3","1.5.4","1.5.5","1.5.6","1.6.0","1.6.0b1","1.6.0b2","1.6.0rc1","1.6.1","1.6.1rc1","1.6.1rc2","1.6.2","1.6.3","1.6.4","1.6.5","1.7.0","1.7.0b1","1.7.0b2","1.7.0b3","1.7.0b4","1.7.0b5","1.7.0b6","1.7.0rc1","1.7.0rc2","1.7.0throwaway","1.7.1","1.7.10","1.7.11","1.7.12","1.7.1rc1","1.7.1rc2","1.7.2","1.7.2rc1","1.7.3","1.7.3rc1","1.7.4","1.7.4rc1","1.7.5","1.7.6","1.7.7","1.7.8","1.7.9","1.8.0","1.8.0b1","1.8.0rc1","1.8.0rc2","1.8.1","1.8.10","1.8.11","1.8.12","1.8.13","1.8.14","1.8.1rc1","1.8.1rc2","1.8.1rc3","1.8.2","1.8.2rc1","1.8.3","1.8.4","1.8.4rc1","1.8.5","1.8.6","1.8.7","1.8.8","1.8.9","1.9.0","1.9.0a1","1.9.0a2","1.9.0b1","1.9.0b2","1.9.0rc1","1.9.0rc2","1.9.1","1.9.10","1.9.11","1.9.2","1.9.3","1.9.4","1.9.5","1.9.6","1.9.7","1.9.8","1.9.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-4051.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}