AVG-2629 log

Package python-lxml
Status Vulnerable
Severity Medium
Type cross-site scripting
Affected 4.6.4-3
Fixed Unknown
Current 4.7.1-1 [extra]
Ticket Create
Created Mon Dec 13 19:17:38 2021
Issue Severity Remote Type Description
CVE-2021-43818 Medium Yes Cross-site scripting
Prior to python-lxml version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files...