VYPR
Moderate severityGHSA Advisory· Published Dec 3, 2020· Updated Dec 17, 2025

CVE-2020-27783

CVE-2020-27783

Description

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
lxmlPyPI
< 4.6.24.6.2

Affected products

126

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.