50 matches found
CVE-2016-9910
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...
CVE-2016-9910
CVE-2016-9910 affects the html5lib serializer prior to 0.99999999 and enables cross-site scripting (XSS) through mishandling of special characters in attribute values, a distinct issue from CVE-2016-9909. The connected documents confirm this is a separate vulnerability entry without additional ex...
MGASA-2017-0001 Updated python-html5lib packages fix security vulnerability
Fixes a potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers. CVE-2016-9909, CVE-2016-9910...
Updated python-html5lib packages fix security vulnerability
Fixes a potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers. CVE-2016-9909, CVE-2016-9910...
PT-2017-10386 · Html5Lib +1 · Html5Lib +1
Name of the Vulnerable Software and Affected Versions: html5lib versions prior to 0.99999999 Description: The issue concerns the serializer in html5lib, which might allow remote attackers to conduct cross-site scripting XSS attacks. This is due to the mishandling of special characters in attribut...
PT-2017-10385 · Html5Lib +1 · Html5Lib +1
Name of the Vulnerable Software and Affected Versions: html5lib versions prior to 0.99999999 Description: The issue concerns the mishandling of the character in attribute values by the serializer in html5lib, potentially allowing remote attackers to conduct cross-site scripting XSS attacks...
html5lib cross-site scripting vulnerability
html5lib is a Python library for parsing HTML. A cross-site scripting vulnerability exists in html5lib, which stems from the program's failure to adequately filter user-submitted input. The vulnerability can be exploited to execute arbitrary script code in a user's browser to steal cookie-based...
html5lib cross-site scripting vulnerability (CNVD-2017-00053)
html5lib is a Python library for parsing HTML. A cross-site scripting vulnerability exists in html5lib, which stems from the program's failure to adequately filter user-submitted input. The vulnerability can be exploited to execute arbitrary script code in a user's browser to steal cookie-based...
[ASA-201612-13] python-html5lib: cross-site scripting
Arch Linux Security Advisory ASA-201612-13 ========================================== Severity: Low Date : 2016-12-12 CVE-ID : CVE-2016-9909 CVE-2016-9910 Package : python-html5lib Type : cross-site scripting Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
[ASA-201612-12] python2-html5lib: cross-site scripting
Arch Linux Security Advisory ASA-201612-12 ========================================== Severity: Low Date : 2016-12-12 CVE-ID : CVE-2016-9909 CVE-2016-9910 Package : python2-html5lib Type : cross-site scripting Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The packag...