AVG-1720 log

Package python-lxml
Status Fixed
Severity Medium
Type insufficient validation
Affected 4.6.2-2
Fixed 4.6.3-1
Current 4.9.2-3 [extra]
Ticket None
Created Sun Mar 21 10:33:15 2021
Issue Severity Remote Type Description
CVE-2021-28957 Medium No Insufficient validation
python-lxml 4.6.2 places the HTML action attribute into defs.link_attrs (in html/defs.py) for later use in input sanitization, but does not do the same for...