VYPR
Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Aug 3, 2024

XSS in Dart SDK

CVE-2021-22540

Description

Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dart/SDKllm-fuzzy
    Range: <2.12.3
  • Google LLC/Dart SDKv5
    Range: stable

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.