CVE-2020-7750: Cross-Site Scripting in scratch-svg-renderer

CVSS Score (v3.1): 9.7

Basic Information

EPSS Score: 0.90962%
Published: 11/9/2020
Updated: 1/9/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Package Name: scratch-svg-renderer
Ecosystem: npm
Vulnerable Versions: <= 0.2.0-prerelease.20201016121710
First Patched Version: 0.2.0-prerelease.20201019174008

Vulnerability Intelligence
Root Cause Analysis

The commit diff shows critical changes in _transformMeasurements, where DOMPurify was added to sanitize SVG content. The vulnerability description explicitly mentions improper escaping in SVG handling, and that handling takes place during measurement transformations. The pre-patch code directly cloned and appended user-controlled SVG elements, while the fix introduced sanitization at this exact location. Although the advisory mentions loadString, the actual DOM injection occurs in _transformMeasurements, when the SVG is measured for rendering.

WAF Protection Rules

WAF Rule

This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape SVG properly, which can be used to inject arbitrary elements into the DOM via the _transformMeasurements function.