favicon
Dart

CPE Prefix

General information

Website
Description
Dart is a client-optimized programming language for apps on multiple platforms. It is developed by Google and is used to build mobile, desktop, server, and web applications.
Organization
Repository
Versions Page
Release Date
October 10, 2011

Domains using this technology

33.9K
Domain
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Site Title
DNS A record
www.houdart-ac.fr favicon
www.houdart-ac.fr
200
OK
Severe
25 / 100 - Severe security risk
Expert Comptable Paris 11 ème - Houdart Audit & Conseil
-
-
decouvertedartistes.centerblog.net favicon
decouvertedartistes.centerblog.net
200
OK
Severe
25 / 100 - Severe security risk
Blog des artistes du web
-
-
-
-
campusoposiciones.oposito.eu favicon
campusoposiciones.oposito.eu
200
OK
Low
100 / 100 - Low security risk
Acceder al campus
-
-
www.imperialvienna.com favicon
www.imperialvienna.com
200
OK
Low
100 / 100 - Low security risk
Hotel in Vienna: the luxurious Hotel Imperial with royal service
-
-

IPv4 hosts using this technology

3.5K
IP
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Open Ports
Hosted domains
Country
Low
100 / 100 - Low security risk
1
Medium
50 / 100 - Medium security risk
2
Low
100 / 100 - Low security risk
5
Low
100 / 100 - Low security risk
2

Known vulnerabilities

2
CVE ID
Severity
Description
MEDIUM
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
MEDIUM
An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements.