← Back to CVE List
CVE-2021-22540
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt