Lucene search
PRIOn knowledge basePRION:CVE-2020-11888HistoryApr 20, 2020 - 4:15 p.m.
Cross site scripting
2020-04-2016:15:00
PRIOn knowledge base
www.prio-n.com
2
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
| CPE | Name | Operator | Version |
|---|---|---|---|
| python-markdown2 | le | 2.3.8 |
References
lists.opensuse.org/opensuse-security-announce/2020-05/msg00031.html
lists.opensuse.org/opensuse-security-announce/2020-05/msg00035.html
github.com/trentm/python-markdown2/issues/348
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XOAIRJJCZNJUALXDHSIGH5PS2H63A3J/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQLRBGRVRRZK7P5SFL2MNGXFX37YHJAV/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN6QSHRFZXRQAYZJQ4MOW5MKIXBYOMED/
Related
suse
suse
Security update for python-markdown2 (moderate)
2020-05-12 00:00:00
Security update for python-markdown2 (moderate)
2020-05-11 00:00:00
freebsd
freebsd
py-markdown2 -- XSS vulnerability
2020-04-20 00:00:00
nvd
nvd
CVE-2020-11888
2020-04-20 16:15:14
osv
osv
CVE-2020-11888
2020-04-20 16:15:14
XSS in python-markdown2
2020-04-22 20:59:50
PYSEC-2020-65
2020-04-20 16:15:00
openvas
openvas
Fedora: Security Advisory for python-markdown2 (FEDORA-2020-5f8f90e69c)
2020-05-29 00:00:00
Fedora: Security Advisory for python-markdown2 (FEDORA-2020-ab379d4b90)
2020-05-29 00:00:00
openSUSE: Security Advisory for python-markdown2 (openSUSE-SU-2020:0651-1)
2020-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2020-11888
2020-04-20 00:00:00
cve
cve
CVE-2020-11888
2020-04-20 16:15:14
fedora
fedora
[SECURITY] Fedora 31 Update: python-markdown2-2.3.9-1.fc31
2020-05-25 02:56:51
[SECURITY] Fedora 30 Update: python-markdown2-2.3.9-1.fc30
2020-05-25 03:20:58
[SECURITY] Fedora 32 Update: python-markdown2-2.3.9-1.fc32
2020-05-25 02:47:49
nessus
nessus
FreeBSD : py-markdown2 -- XSS vulnerability (cf6f3465-e996-4672-9458-ce803f29fdb7)
2023-08-31 00:00:00
Fedora 30 : python-markdown2 (2020-3864f32b3d)
2020-05-26 00:00:00
openSUSE Security Update : python-markdown2 (openSUSE-2020-651)
2020-05-12 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-21 01:42:43
debiancve
debiancve
CVE-2020-11888
2020-04-20 16:15:14
github
github
XSS in python-markdown2
2020-04-22 20:59:50
cvelist
cvelist
CVE-2020-11888
2020-04-20 15:48:13