Lucene search
China National Vulnerability DatabaseCNVD-2022-09793HistoryJan 10, 2022 - 12:00 a.m.
scratch-svg-renderer cross-site scripting vulnerability
2022-01-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
31.3%
scratch-svg-renderer is a code library used by the Scratch team to convert SVG to DOM elements. scratch-Svg-Renderer suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in WEB applications, which can be exploited to execute client-side code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| scratch scratch-svg-renderer | eq | 0.2.0 |
Related
nvd
nvd
CVE-2020-27428
2022-01-06 00:15:07
osv
osv
Cross-site Scripting in Scratch-Svg-Renderer
2022-01-08 00:44:33
CVE-2020-27428
2022-01-06 00:15:07
cve
cve
CVE-2020-27428
2022-01-06 00:15:07
prion
prion
Cross site scripting
2022-01-06 00:15:00
cvelist
cvelist
CVE-2020-27428
2022-01-05 23:37:45
github
github
Cross-site Scripting in Scratch-Svg-Renderer
2022-01-08 00:44:33
veracode
veracode
Cross-site Scripting (XSS)
2022-01-07 14:40:37