Lucene search
GoogleOSV:GO-2022-0762HistoryMay 18, 2021 - 9:07 p.m.
Cross-site scripting due to incorrect sanitization in github.com/microcosm-cc/bluemonday
2021-05-1821:07:37
Google
osv.dev
7
0.001 Low
EPSS
Percentile
29.5%
An XSS injection was possible because the sanitization of the Cyrillic character i bypass a protection mechanism against user-inputted HTML elements such as the <script> tag.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/microcosm-cc/bluemonday | lt | 1.0.5 |
Related
alpinelinux
alpinelinux
CVE-2021-29272
2021-03-27 18:15:13
github
github
Cross-site scripting in bluemonday
2021-05-18 21:07:37
redhatcve
redhatcve
CVE-2021-29272
2021-03-29 18:02:59
veracode
veracode
Cross-site Scripting (XSS)
2021-03-29 04:20:50
prion
prion
Design/Logic Flaw
2021-03-27 18:15:00
cve
cve
CVE-2021-29272
2021-03-27 18:15:13
nvd
nvd
CVE-2021-29272
2021-03-27 18:15:13
ubuntucve
ubuntucve
CVE-2021-29272
2021-03-27 00:00:00
cvelist
cvelist
CVE-2021-29272
2021-03-27 17:57:28
osv
osv
Cross-site scripting in bluemonday
2021-05-18 21:07:37
CVE-2021-29272
2021-03-27 18:15:13