CVE-2018-15494: dojo: Cross-site scripting (XSS) due to unescaped strings when editing rows in dojox/Grid/DataGrid

Severity: Critical

CVSS Score: 9.8

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.