2 matches found
python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
A flaw was found in python-lxml. The HTML5 formaction attribute is not input sanitized like the HTML action attribute is which can lead to a Cross-Site Scripting attack XSS when an application uses python-lxml to sanitize user inputs. The highest threat from this vulnerability is to data...
Lxml 跨站脚本漏洞
Lxml is a software from the individual developers of Lxml that can interact with Python for locating elements in Html. A cross-site scripting vulnerability exists in lxml 4.6.2, which stems from the HTML5 formaction attribute...