python2-html5lib: cross-site scripting

2016-12-12T00:00:00
ID ASA-201612-12
Type archlinux
Reporter Arch Linux
Modified 2016-12-12T00:00:00

Description

  • CVE-2016-9909 (cross-site scripting)

A potential cross site scripting vulnerability was found in python- html5lib due to unquoted attributes that need escaping in legacy browsers.

  • CVE-2016-9910 (cross-site scripting)

A potential cross site scripting vulnerability was found in python- html5lib due to unquoted attributes that need escaping in legacy browsers.