Vulnerabilities > Dart > Dart Software Development KIT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-18 | CVE-2022-0451 | Incorrect Authorization vulnerability in Dart Software Development KIT Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. | 6.5 |
| 2021-04-22 | CVE-2021-22540 | Cross-site Scripting vulnerability in Dart Software Development KIT Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. | 6.1 |
| 2020-03-26 | CVE-2020-8923 | Cross-site Scripting vulnerability in Dart Software Development KIT An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). | 6.1 |