logo
DATABASE RESOURCES PRICING ABOUT US

Cross-Site Scripting (XSS)

Description

bleach is vulnerable to cross-site scripting (XSS). The `bleach.clean` behavior when parsing embedded MathML and SVG content with `RCDATA` tags did not match the browser behavior and can result in a mutation XSS.


Affected Software


CPE Name Name Version
bleach 3.1.1
bleach 3.0.0
py3-bleach 3.1.0-r1
py3-bleach:edge 3.1.1-r0

Related