rpm package
opensuse/translate-toolkit&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/translate-toolkit&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28957 | — | < 3.3.6-1.3 | 3.3.6-1.3 | Mar 21, 2021 | An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit thi |
- CVE-2021-28957Mar 21, 2021affected < 3.3.6-1.3fixed 3.3.6-1.3
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit thi