Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package dojox, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2020-5259 — CVSS 7.7 (high): In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the…
CVE-2019-10785 — CVSS 6.1 (medium): dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due…