logo
DATABASE RESOURCES PRICING ABOUT US

PYSEC-2020-27

Description

In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.


Affected Software


CPE Name Name Version
bleach 1.0.4
bleach 0.2.2
bleach 2.1.3
bleach 0.2
bleach 1.2.2
bleach 1.4.2
bleach 1.2.1
bleach 1.4.3
bleach 1.1.5
bleach 1.0.3
bleach 0.5.1
bleach 3.0.1
bleach 2.1.2
bleach 1.4.1
bleach 1.1.1
bleach 0.1.1
bleach 1.2
bleach 1.1.4
bleach 2.1
bleach 1.5.0
bleach 1.0.1
bleach 0.1.2
bleach 0.5.0
bleach 3.0.0
bleach 2.1.1
bleach 1.1.2
bleach 0.2.1
bleach 0.3.4
bleach 0.3.3
bleach 1.1.3
bleach 2.0.0
bleach 2.1.4
bleach 1.1.0
bleach 1.4
bleach 0.1
bleach 1.0.2
bleach 3.1.0
bleach 0.3.1
bleach 3.0.2
bleach 1.0.0
bleach 0.3

Related