Lucene search

K

Microco Security Vulnerabilities

cve
cve

CVE-2021-42576

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION...

9.8CVSS

9.4AI Score

0.003EPSS

2021-10-18 03:15 PM
54
cve
cve

CVE-2021-29272

bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script"...

6.1CVSS

5.8AI Score

0.001EPSS

2021-03-27 06:15 PM
81
3