Lucene search
PRIOn knowledge basePRION:CVE-2020-6802HistoryMar 24, 2020 - 10:15 p.m.
Design/Logic Flaw
2020-03-2422:15:00
PRIOn knowledge base
www.prio-n.com
5
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
References
advisory.checkmarx.net/advisory/CX-2020-4276
github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/72R4VFFHDRSQMNT7IZU3X2755ZP4HGNI/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCNLM2MGQTOLCIVVYS2Z5S7KOQJR5JC4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTULPQB7HVPPYWEYVNHJGDTSPVIDHIZX/
www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
Related
openvas
openvas
openSUSE: Security Advisory for python-bleach (openSUSE-SU-2020:0308-1)
2020-03-08 00:00:00
Mageia: Security Advisory (MGASA-2020-0125)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4636-1)
2020-02-29 00:00:00
debiancve
debiancve
CVE-2020-6802
2020-03-24 22:15:12
nessus
nessus
openSUSE Security Update : python-bleach (openSUSE-2020-308)
2020-03-09 00:00:00
Debian DSA-4636-1 : python-bleach - security update
2020-03-02 00:00:00
Fedora 31 : python-bleach (2020-e1fa96c506)
2020-04-30 00:00:00
ubuntucve
ubuntucve
CVE-2020-6802
2020-03-24 00:00:00
osv
osv
PYSEC-2020-27
2020-03-24 22:15:00
XSS in Bleach when noscript and raw tag whitelisted
2020-02-24 17:33:44
python-bleach - security update
2020-02-28 00:00:00
suse
suse
Security update for python-bleach (important)
2020-03-07 00:00:00
Security update for python-bleach (important)
2020-03-09 00:00:00
alpinelinux
alpinelinux
CVE-2020-6802
2020-03-24 22:15:12
github
github
XSS in Bleach when noscript and raw tag whitelisted
2020-02-24 17:33:44
mageia
mageia
Updated python-bleach packages fix security vulnerability
2020-03-06 19:13:58
cve
cve
CVE-2020-6802
2020-03-24 22:15:12
debian
debian
[SECURITY] [DSA 4636-1] python-bleach security update
2020-02-28 21:07:06
[SECURITY] [DSA 4636-1] python-bleach security update
2020-02-28 21:07:06
veracode
veracode
Cross-Site Scripting (XSS)
2020-02-25 05:39:17
cvelist
cvelist
CVE-2020-6802
2020-03-24 21:13:04
nvd
nvd
CVE-2020-6802
2020-03-24 22:15:12
fedora
fedora
[SECURITY] Fedora 30 Update: python-bleach-3.1.4-2.fc30
2020-04-30 02:51:57
[SECURITY] Fedora 32 Update: python-bleach-3.1.4-2.fc32
2020-05-01 04:07:36
[SECURITY] Fedora 31 Update: python-bleach-3.1.4-2.fc31
2020-04-30 03:44:15
