CVE-2018-6561

CVE: CVE-2018-6561
Published: 2018-02-02T15:29Z
Vendor: dojotoolkit
Products: dojo
Versions: 1.13.0,
Description Language: en
Description: dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
References:
https://github.com/imsebao/404team/blob/master/dijit_editor_xss.md