CVE-2018-7753

Posted on by admin

CVE-2018-7753

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren’t properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.

Source: CVE-2018-7753

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다