It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when'noscript' and one or more raw text tags were whitelisted.
openSUSE: Security Advisory for python-bleach (openSUSE-SU-2020:0308-1)
Fedora: Security Advisory for python-bleach (FEDORA-2020-827b677e15)
Fedora: Security Advisory for python-bleach (FEDORA-2020-e1fa96c506)
Fedora: Security Advisory for python-bleach (FEDORA-2020-e9c8bdd1e3)
Cross-Site Scripting (XSS)
python-bleach - security update
Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)