Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2016-9910

Published: 22/02/2017 Updated: 23/02/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Html5lib

Vulnerability Summary

The serializer in html5lib prior to 0.99999999 might allow remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

html5lib html5lib

Vendor Advisories

Arch Linux Issues:
A potential cross site scripting vulnerability was found in python-html5lib due to unquoted attributes that need escaping in legacy browsers ...

References

CWE-79https://html5lib.readthedocs.io/en/latest/changes.html#b9https://github.com/html5lib/html5lib-python/issues/12https://github.com/html5lib/html5lib-python/issues/11https://github.com/html5lib/html5lib-python/commit/9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7http://www.securityfocus.com/bid/95132http://www.openwall.com/lists/oss-security/2016/12/08/8http://www.openwall.com/lists/oss-security/2016/12/06/5https://nvd.nist.govhttps://security.archlinux.org/CVE-2016-9910
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook