4 matches found
CVE-2022-31094
ScratchTools is a web extension designed to make interacting with the Scratch programming language community Scratching easier. In affected versions anybody who uses the Recently Viewed Projects feature is vulnerable to having their account taken over if they view a project that tries to. The iss...
CVE-2022-31094 Cross site scripting vulnerability in ScratchTools
ScratchTools is a web extension designed to make interacting with the Scratch programming language community Scratching easier. In affected versions anybody who uses the Recently Viewed Projects feature is vulnerable to having their account taken over if they view a project that tries to. The iss...
CVE-2022-31094 Cross site scripting vulnerability in ScratchTools
ScratchTools is a web extension designed to make interacting with the Scratch programming language community Scratching easier. In affected versions anybody who uses the Recently Viewed Projects feature is vulnerable to having their account taken over if they view a project that tries to. The iss...
CVE-2022-31094
ScratchTools (a web extension for Scratch) is affected by a cross-site scripting vulnerability in the Recently Viewed Projects feature. If a user views a project whose title contains JavaScript, the title rendering can execute injected code, potentially hijacking the user’s account. The issue is ...