www/py-bleach -- multiple vulnerabilities

2020-02-13T00:00:00
ID 3D19C776-68E7-11EA-91DB-0050562A4D7B
Type freebsd
Reporter FreeBSD
Modified 2020-02-13T00:00:00

Description

  • bleach.clean behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS.

Calls to bleach.clean with strip=False, with math or svg in the allowed tags whitelist, and with one or more of the RCDATA tags (script, noscript, style, noframes, iframe, noembed, or xmp) also in the whitelist were vulnerable to a mutation XSS.

  • bleach.clean behavior parsing noscript tags did not match browser behavior.

Calls to bleach.clean allowing noscript and one or more of the raw text tags (title, textarea, script, style, noembed, noframes, iframe, and xmp) were vulnerable to a mutation XSS.
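The two conditions above can be checked against an allowed-tags list before it reaches bleach.clean. The following is an added example, not code from the advisory or the bleach project: a pure-Python audit that flags both patterns and a helper that removes the tags involved; the tag sets are the ones the advisory names, and the sample configuration is constructed.

```python
# Added example, not from the advisory or the bleach project: audit an
# allowed-tags list destined for bleach.clean() against the two patterns the
# advisory describes. Pure Python; bleach itself is not imported.
from typing import Iterable, List

# Tag groups exactly as the advisory names them.
RCDATA_TAGS = {"script", "noscript", "style", "noframes", "iframe", "noembed", "xmp"}
RAW_TEXT_TAGS = {"title", "textarea", "script", "style",
                 "noembed", "noframes", "iframe", "xmp"}
FOREIGN_CONTENT_TAGS = {"math", "svg"}  # embedded MathML / SVG


def audit_bleach_tags(tags: Iterable[str], strip: bool = False) -> List[str]:
    """Return one finding per advisory pattern that the configuration matches.

    tags:  the allowed-tags whitelist passed to bleach.clean(tags=...)
    strip: the strip= argument (bleach's default is False)
    """
    allowed = {t.lower() for t in tags}
    findings: List[str] = []

    # Pattern 1: strip=False, math or svg allowed, and at least one RCDATA tag allowed.
    if not strip:
        foreign = allowed & FOREIGN_CONTENT_TAGS
        rcdata = allowed & RCDATA_TAGS
        if foreign and rcdata:
            findings.append(
                f"strip=False with {sorted(foreign)} and RCDATA tag(s) {sorted(rcdata)} allowed"
            )

    # Pattern 2: noscript allowed together with at least one raw text tag.
    if "noscript" in allowed:
        raw = allowed & RAW_TEXT_TAGS
        if raw:
            findings.append(f"noscript allowed with raw text tag(s) {sorted(raw)}")
    return findings


def harden_tags(tags: Iterable[str]) -> List[str]:
    """Drop every tag involved in either pattern; the rest keep their order."""
    risky = RCDATA_TAGS | RAW_TEXT_TAGS | {"noscript"}
    return [t for t in tags if t.lower() not in risky]


if __name__ == "__main__":
    # Constructed sample configuration, not taken from any real deployment.
    sample_tags = ["p", "a", "svg", "style", "noscript", "title"]
    for finding in audit_bleach_tags(sample_tags, strip=False):
        print("finding:", finding)
    print("hardened:", harden_tags(sample_tags))
    assert not audit_bleach_tags(harden_tags(sample_tags), strip=False)
```

Upgrading bleach remains the fix; the audit only tells you whether an existing configuration sits in the affected combination.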