Hi, I have the same problem on video-a-la-demande.orange.fr website, the exploit is JS:Pdfka-AYC. But the website is sure and the file is dojo.js that is an official file created with dojotoolkit framework.
I think it's a false positive case, will you correct this point ?
Have you got some explanation ?
Thanks for your responses