CVE-2020-26239

Scratch Addons for Chrome/Firefox is affected by a DOM-based XSS due to an incorrect regular expression in the More Links addon, which unescaped HTML-escaped values when a user visits a specific website. This vulnerability affects versions before 1.3.2; version 1.3.2 fixes the issue and browsers ...