Filtered by vendor Microco
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-42576 | 2 Microco, Python | 2 Bluemonday, Pybluemonday | 2024-11-21 | 9.8 Critical |
| The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. | ||||
| CVE-2021-29272 | 1 Microco | 1 Bluemonday | 2024-11-21 | 6.1 Medium |
| bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script" string. | ||||
Page 1 of 1.