CVE-2018-6561

CVE-2018-6561

dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.

Source: CVE-2018-6561