The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-10-18T14:36:43
Updated: 2024-08-04T03:38:49.289Z
Reserved: 2021-10-18T00:00:00
Link: CVE-2021-42576
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-18T15:15:07.823
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-42576
Redhat
No data.