This affects the package scratch-svg-renderer prior to 0.2.0-prerelease.20201019174008. The loadString function does not escape SVG properly, which can be used to inject arbitrary elements into the DOM via the _transformMeasurements function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mit scratch-svg-renderer 0.1.0 |
||
mit scratch-svg-renderer 0.2.0 |