Debian Security Update DSA-4892 python-bleach - security update

LinuxBot

Moderator
Staff member
Credits
0
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when svg or math are in the allowed tags, 'p' or br are in allowed tags, style, title, noscript, script, textarea, noframes, iframe, or xmp are in allowed tags and 'strip_comments=False' is set.

Continue reading...
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top