Mozilla - Bleach CVE

Filtered by vendor Mozilla Subscribe

Filtered by product Bleach

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-6816	1 Mozilla	1 Bleach	2021-03-30	4.3 MEDIUM	6.1 MEDIUM
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.
CVE-2020-6802	2 Fedoraproject, Mozilla	2 Fedora, Bleach	2021-03-30	4.3 MEDIUM	6.1 MEDIUM
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.

Vulnerabilities (CVE)