HTMLSanitizer 跨站脚本漏洞

HTMLSanitizer is an HTML formatting software open source by JuliaHub. Versions of HTMLSanitizer prior to 2.3.2 had a cross-site scripting vulnerability. This vulnerability occurred when ALLOWINSECURERAWTEXT was enabled, resulting in blank variant closing tags being ignored, which could lead to...

UBUNTU-CVE-2021-29272

bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script" string...