CVE-2020-6802

🗓️ 24 Mar 2020 21:13:04Reported by mozillaType

Affect mutation XSS in Mozilla Bleac

Reporter	Title	Published	Views	Family All 50
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)	19 May 202017:00	–	ibm
AlpineLinux	CVE-2020-6802	24 Mar 202021:13	–	alpinelinux
BDU FSTEC	The vulnerability of Mozilla’s HTML cleaning library, Bleach, arises due to the lack of measures taken to protect the structure of web pages. This allows attackers to execute XSS attacks.	30 Nov 202200:00	–	bdu_fstec
CNVD	Mozilla Bleach Cross-Site Scripting Vulnerability	4 Mar 202000:00	–	cnvd
CVE	CVE-2020-6802	24 Mar 202021:13	–	cve
Debian	[SECURITY] [DSA 4636-1] python-bleach security update	28 Feb 202021:07	–	debian
Debian	[SECURITY] [DSA 4636-1] python-bleach security update	28 Feb 202021:07	–	debian
Debian CVE	CVE-2020-6802	24 Mar 202021:13	–	debiancve
Tenable Nessus	Debian DSA-4636-1 : python-bleach - security update	2 Mar 202000:00	–	nessus
Tenable Nessus	Fedora 30 : python-bleach (2020-827b677e15)	30 Apr 202000:00	–	nessus

[
  {
    "product": "Mozilla Bleach",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "<=3.10"
      }
    ]
  }
]

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4/
advisory	www.advisory.checkmarx.net/advisory/CX-2020-4276
github	www.github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
checkmarx	www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach

30 Mar 2021 21:22Current

6Medium risk

Vulners AI Score6

EPSS0.00267