4 matches found
CVE-2020-8923
An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript XSS. Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the d...
CVE-2020-8923
An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript XSS. Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the d...
CVE-2020-8923 XSS in Dart
An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript XSS. Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the d...
CVE-2020-8923
CVE-2020-8923 describes an XSS in Dart via improper HTML sanitization that can be bypassed using DOM Clobbering. Affected: Dart SDK up to 2.7.1 and dev versions 2.8.0-dev.16.0 . Impact: attacker can inject custom HTML/JavaScript when user-provided data populates DOM nodes. Mitigation: upgrade to ...