Skip to main content

Pybluemonday

1 CVEs product

Monthly

CVE-2021-42576 LIB CRITICAL POC PATCH Act Now

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure Bluemonday Pybluemonday
NVD
CVSS 3.1
9.8
EPSS
1.5%
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure Bluemonday +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy