Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 12:26 a.m.27 views

Cross-site Scripting in Mistune

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

6.1CVSS5.7AI score0.00923EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/05/17 12:26 a.m.19 views

GHSA-HPV5-V8G5-C864 Cross-site Scripting in Mistune

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

6.1CVSS5.8AI score0.00923EPSS
Exploits1References6
Veracode
Veracode
added 2017/10/19 10:13 p.m.22 views

Cross-site Scripting (XSS)

mistune is vulnerable to cross-site scripting XSS attacks. These attacks can be conducted by inserting an unexpected newline or by using an email address to execute arbitrary Javascript...

6.1CVSS6AI score0.00923EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2017/10/19 8:29 a.m.14 views

Design/Logic Flaw

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

4.3CVSS5.8AI score0.00923EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/10/19 8:29 a.m.21 views

CVE-2017-15612

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

6.1CVSS6.3AI score0.00923EPSS
Exploits1References2
OSV
OSV
added 2017/10/19 8:29 a.m.23 views

PYSEC-2017-80

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

6.1CVSS3.6AI score0.00923EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2017/10/19 8:0 a.m.19 views

CVE-2017-15612

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink functions...

6.1CVSS6AI score0.00923EPSS
Exploits1
Rows per page
Query Builder