11 matches found
FreeBSD : py-markdown2 -- XSS vulnerability (cf6f3465-e996-4672-9458-ce803f29fdb7)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cf6f3465-e996-4672-9458-ce803f29fdb7 advisory. - python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match...
Fedora: Security Advisory for python-markdown2 (FEDORA-2020-3864f32b3d)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : python-markdown2 (openSUSE-2020-651)
This update for python-markdown2 fixes the following issues : - CVE-2020-11888: Fixed unsanitized input for cross-site scripting boo1171379 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-651. The...
openSUSE: Security Advisory for python-markdown2 (openSUSE-SU-2020:0651-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0651-1 Security update for python-markdown2
This update for python-markdown2 fixes the following issues: - CVE-2020-11888: Fixed unsanitized input for cross-site scripting boo1171379...
aequitas (>=0.26.0 <=0.42.0), ax (>=0.39.0 <=0.52.0) +27 more potentially affected by CVE-2020-11888 via markdown2 (>=2.3.0 <=2.3.8)
markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.2.2, =0.4.0rc1590080566 and more Source cves: CVE-2020-11888 Source advisory: OSV:GHSA-FV3H-8X5J-PVGQ...
DEBIAN-CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...
CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...
aequitas (>=0.26.0 <=0.42.0), ax (>=0.39.0 <=0.52.0) +27 more potentially affected by CVE-2020-11888 via markdown2 (>=2.3.0 <=2.3.8)
markdown2 PYPI version =2.3.0, =0.26.0, =0.39.0, =0.1.0, =0.5.29, =3.8.3, =0.0.1, =0.4.1, =0.0.1, =0.7.0a1, =0.2.2, =0.4.0rc1590080566 and more Source cves: CVE-2020-11888 Source advisory: OSV:PYSEC-2020-65...
UBUNTU-CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...
CVE-2020-11888
CVE-2020-11888 affects python-markdown2 up to version 2.3.8, where XSS is possible due to mishandling of element names (e.g., elementname@ or elementname- with an onclick attribute). The provided connected documents indicate that later updates (e.g., 2.3.9) include XSS fixes, and openSUSE/Fedora ...