4 matches found
CVE-2020-26239
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escape...
CVE-2020-26239
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escape...
CVE-2020-26239 Cross-Site Scripting in Scratch browser addons
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escape...
CVE-2020-26239
Scratch Addons for Chrome/Firefox is affected by a DOM-based XSS due to an incorrect regular expression in the More Links addon, which unescaped HTML-escaped values when a user visits a specific website. This vulnerability affects versions before 1.3.2; version 1.3.2 fixes the issue and browsers ...