Security Advisory

CVE-2021-29272

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-27 17:57:28

Last updated 2024-08-03 22:02:51

Assigner mitre

State PUBLISHED

Description

bluemonday before 1.0.5 allows XSS because certain Go lowercasing converts an uppercase Cyrillic character, defeating a protection mechanism against the "script" string.

← Browse all CVEs View on cve.org ↗