PT-2020-19766 · Scratch · Scratch-Svg-Renderer

Apple502J · Published 2020-10-21 · Updated 2020-12-02 · CVE-2020-7750

CVSS v3.1: 9.6 Critical
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
scratch-svg-renderer versions prior to 0.2.0-prerelease.20201019174008

Description
The issue concerns the loadString function, which fails to properly escape SVG input. This can lead to the injection of arbitrary elements into the DOM via the transformMeasurements function.

Recommendations
For versions prior to 0.2.0-prerelease.20201019174008, consider disabling the loadString function until a patch is available, to prevent potential DOM injection attacks.
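The description above says untrusted SVG text reaches the live DOM without being escaped. The following is an added example, not part of this advisory and not scratch-svg-renderer's own code: a pre-insertion check that scans SVG markup tag by tag and reports content that has no business in a costume (script and foreignObject elements, on* event-handler attributes, javascript: URLs in href/src), so a caller can reject or quarantine the input before any measurement step touches the DOM. The function names findUnsafeSvgContent and svgPassesPreflight, the element list, and the sample inputs are all constructed for this example.

```javascript
// Added example (not scratch-svg-renderer's code). Element and attribute
// names follow the SVG spec; which ones are denied is an assumption here.
const DENIED_ELEMENTS = new Set(['script', 'foreignobject', 'iframe', 'object', 'embed']);
const URL_ATTRIBUTES = new Set(['href', 'xlink:href', 'src']);

// One attribute: a name, optionally followed by a quoted or bare value.
const ATTR_RE = /([^\s"'=<>\/]+)(?:\s*=\s*("[^"]*"|'[^']*'|[^\s"'>]+))?/g;

function stripQuotes(v) {
  if (v === undefined) return '';
  return (v[0] === '"' || v[0] === "'") ? v.slice(1, -1) : v;
}

// Walk the markup from '<' to '<'. Comment and CDATA bodies are skipped
// because a parser never turns them into elements; end tags, processing
// instructions and doctype declarations carry no attributes and are skipped too.
// Limitation (deliberate, to stay dependency-free): a literal '>' inside a
// quoted attribute value ends the tag early, so treat this as a pre-flight
// filter in front of a real parser, not as a substitute for one.
function findUnsafeSvgContent(svgText) {
  const findings = [];
  let i = 0;
  while ((i = svgText.indexOf('<', i)) !== -1) {
    if (svgText.startsWith('<!--', i)) {
      const end = svgText.indexOf('-->', i + 4);
      i = end === -1 ? svgText.length : end + 3;
      continue;
    }
    if (svgText.startsWith('<![CDATA[', i)) {
      const end = svgText.indexOf(']]>', i + 9);
      i = end === -1 ? svgText.length : end + 3;
      continue;
    }
    const close = svgText.indexOf('>', i + 1);
    const tag = close === -1 ? svgText.slice(i + 1) : svgText.slice(i + 1, close);
    i = close === -1 ? svgText.length : close + 1;
    if (tag.startsWith('/') || tag.startsWith('?') || tag.startsWith('!')) continue;
    const m = /^([^\s\/>]+)/.exec(tag);
    if (!m) continue;
    const name = m[1].toLowerCase();
    if (DENIED_ELEMENTS.has(name)) findings.push({ kind: 'element', name });

    const rest = tag.slice(m[0].length);
    ATTR_RE.lastIndex = 0;
    let a;
    while ((a = ATTR_RE.exec(rest)) !== null) {
      const attr = a[1].toLowerCase();
      // Whitespace and control characters are removed before the scheme check so
      // that a split scheme such as "java\nscript:" is still recognised.
      const value = stripQuotes(a[2]).toLowerCase().replace(/[\s\u0000-\u001f]/g, '');
      if (attr.startsWith('on')) {
        findings.push({ kind: 'event-handler', name, attr });
      } else if (URL_ATTRIBUTES.has(attr) && value.startsWith('javascript:')) {
        findings.push({ kind: 'url-scheme', name, attr });
      }
    }
  }
  return findings;
}

// True when nothing in the markup was flagged; only then hand it to the DOM.
function svgPassesPreflight(svgText) {
  return findUnsafeSvgContent(svgText).length === 0;
}

// Constructed samples: a plain costume and one with an injected event handler.
const BENIGN_SVG =
  '<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">' +
  '<rect width="10" height="10" fill="red"/></svg>';
const TAMPERED_SVG =
  '<svg xmlns="http://www.w3.org/2000/svg" onload="x()"><rect width="1" height="1"/></svg>';

console.log('benign passes:', svgPassesPreflight(BENIGN_SVG));
console.log('tampered findings:', findUnsafeSvgContent(TAMPERED_SVG));
```

The check is meant to run before loadString-style code ever creates nodes from the text; rejecting the input on any finding keeps the untrusted markup out of the live document entirely. It complements, and does not replace, updating to a fixed version: a textual filter is a detection layer, and the parser that finally builds the DOM is what has to be correct.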

Exploit · Fix · XSS


Weakness Enumeration

Related Identifiers

CVE-2020-7750
GHSA-J977-G5VJ-J27G
SNYK-JS-SCRATCHSVGRENDERER-1020497

Affected Products

Scratch-Svg-Renderer