Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
CPE | Name | Operator | Version |
---|---|---|---|
dart_software_development_kit | lt | 2.12.3 |