CVE-2021-42576

CVE-2021-42576 affects the bluemonday HTML sanitizer. The issue is that policies for the STYLE, SELECT and OPTION elements are not properly enforced in bluemonday before versions 1.0.16 (Go) and 0.0.8 (Python/pybluemonday). Root cause: policy enforcement gaps allow disallowed styling to leak into...