CVE-2021-22540 log

Severity Medium
Remote Yes
Type Cross-site scripting
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use a cross-site scripting (XSS) attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
Group Package Affected Fixed Severity Status Ticket
AVG-1859 dart 2.12.2-1 2.12.3-1 Medium Fixed