In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
References
Configurations
History
07 Nov 2023, 03:25
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 Oct 2022, 20:16
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://advisory.checkmarx.net/advisory/CX-2020-4276 - Exploit, Third Party Advisory |
30 Mar 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-03-24 22:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-6802
Mitre link : CVE-2020-6802
CVE.ORG link : CVE-2020-6802
JSON object : View
Products Affected
fedoraproject
- fedora
mozilla
- bleach
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')