Lucene search

K
osvGoogleOSV:USN-4896-2
HistoryApr 08, 2021 - 12:46 p.m.

lxml vulnerability

2021-04-0812:46:21
Google
osv.dev
11
lxml
vulnerability
ubuntu 14.04 esm
html attributes
cross-site scripting

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

61.6%

USN-4896-1 fixed a vulnerability in lxml. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that lxml incorrectly handled certain HTML attributes. A
remote attacker could possibly use this issue to perform cross-site
scripting (XSS) attacks.