CVE-2020-11888

CVE-2020-11888 affects python-markdown2 up to version 2.3.8, where XSS is possible due to mishandling of element names (e.g., elementname@ or elementname- with an onclick attribute). The provided connected documents indicate that later updates (e.g., 2.3.9) include XSS fixes, and openSUSE/Fedora ...