Microco - Bluemonday CVE

Filtered by vendor Microco Subscribe

Filtered by product Bluemonday

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-29272	1 Microco	1 Bluemonday	2021-06-04	4.3 MEDIUM	6.1 MEDIUM
bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script" string.

Vulnerabilities (CVE)