CVE-2021-46871

tag.ex in Phoenix Phoenix.HTML aka phoenixhtml before 3.0.4 allows XSS in HEEx class attributes...

CVE-2021-46871

Summary: CVE-2021-46871 affects Phoenix.HTML (Phoenix HTML) tag.ex prior to 3.0.4, where HEEx class attributes can trigger XSS. The root cause is insufficient escaping in tag.ex within phoenix_html before version 3.0.4. Details from provided documents: Affected component: phoenix_html (tag.ex); v...

Phoenix.HTML 跨站脚本漏洞

Phoenix.HTML is Phoenix framework open source a function . Used to handle HTML strings and templates. A security vulnerability exists in Phoenix.HTML versions prior to 3.0.4. Attackers use this vulnerability to execute cross-site scripting attacks...

CVE-2021-46871

tag.ex in Phoenix Phoenix.HTML aka phoenixhtml before 3.0.4 allows XSS in HEEx class attributes...

PT-2022-12947 · Phoenix · Phoenix.Html

Name of the Vulnerable Software and Affected Versions: Phoenix Phoenix.HTML aka phoenix html versions prior to 3.0.4 Description: The issue allows XSS in HEEx class attributes. The class attribute was not protected against XSS attacks when using HEEx. Recommendations: For versions prior to 3.0.4,...