CVE-2020-27783

Updated: 2023-11-07 20:18:21.298633

Description:

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.3
CVSS Version 3.x MEDIUM 6.1

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9 Python python2 2.7.18 6.1 MEDIUM Ignored 2023-11-15 08:20:26