PT-2020-21486 · Google · Google Closure Library
Published
2020-09-02
·
Updated
2020-09-02
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
google-closure-library versions prior to 20190301.0.0
Description
The issue concerns improper processing of empty elements by the
safedomtreeprocessor.processToString() function, which could allow attackers to execute arbitrary JavaScript through Mutation Cross-Site Scripting.Recommendations
Upgrade to version 20190301.0.0 or later.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Closure Library