Lucene search
Python-markdown2 ProjectPython-markdown2*
2 matches found
CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
6.1CVSS5.7AI score0.00848EPSS
CVE-2009-3724
python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.
6.1CVSS6AI score0.0024EPSS