CVE-2021-28957

Published: 21/03/2021 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

An XSS vulnerability exists in the clean module of python-lxml in versions prior to 4.6.3. When the safe_attrs_only and forms arguments are both disabled, the Cleaner class does not remove the HTML5 formaction attribute, so JavaScript carried in that attribute bypasses the sanitizer. A remote attacker could exploit this flaw to run arbitrary JavaScript in the browsers of users who interact with the incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
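As an added defensive example (not code from lxml, Vulmon or any of the advisories quoted on this page), the following stdlib-only checker is meant to run over the output of an HTML sanitizer as a defence-in-depth assertion. It treats formaction the same way as action and the other URL-bearing attributes, which is exactly the gap the vulnerable lxml.html.clean had, and flags any of them whose value uses a script-executing scheme. A second helper compares an lxml version string against the fixed release, 4.6.3. The sample HTML and the function names are constructed for this example.

```python
"""Post-sanitization check for the formaction gap described in CVE-2021-28957.

Added example (not lxml's own code): parses sanitizer *output* with the
standard-library HTML parser and reports every URL-bearing attribute,
including the HTML5 ``formaction`` attribute that lxml < 4.6.3 overlooked,
whose value would execute script when the browser follows it.
"""
import re
from html.parser import HTMLParser

# Attributes whose values are URLs and can therefore carry a script scheme.
# ``formaction`` is listed alongside ``action`` on purpose: the vulnerable
# cleaner stripped ``action`` but left ``formaction`` in place.
URL_ATTRS = frozenset(
    {"action", "formaction", "href", "src", "xlink:href", "background", "poster"}
)

# Schemes that run code when navigated to.
_SCRIPT_SCHEME = re.compile(r"^(?:javascript|vbscript):", re.IGNORECASE)


def _scheme_is_dangerous(value):
    """True when ``value`` resolves to a script scheme.

    Control and whitespace characters are removed first because browsers
    ignore them inside the scheme (e.g. "java\\tscript:" still runs).
    """
    compact = re.sub(r"[\x00-\x20]", "", value or "")
    return bool(_SCRIPT_SCHEME.match(compact))


class _UrlAttrCollector(HTMLParser):
    """Collects (tag, attribute, value) triples for dangerous URL attributes."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # html.parser already lower-cases tag and attribute names.
        for name, value in attrs:
            if name in URL_ATTRS and _scheme_is_dangerous(value):
                self.findings.append((tag, name, value))


def find_script_urls(html):
    """Return a list of (tag, attribute, value) for every script-scheme URL attribute."""
    parser = _UrlAttrCollector()
    parser.feed(html)
    parser.close()
    return parser.findings


def is_fixed_lxml(version):
    """True when an lxml version string (e.g. lxml.__version__) is 4.6.3 or newer."""
    match = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if match is None:
        raise ValueError("unrecognised version string: %r" % version)
    return tuple(int(p) for p in match.groups(default="0")) >= (4, 6, 3)


# Constructed sample: what a vulnerable Cleaner(safe_attrs_only=False,
# forms=False) could hand back, with the formaction attribute still present.
SAMPLE_CLEANED_HTML = (
    '<form action="/submit">'
    '<button formaction="javascript:alert(1)">send</button>'
    '</form>'
)

if __name__ == "__main__":
    for tag, attr, value in find_script_urls(SAMPLE_CLEANED_HTML):
        print("unsafe %s attribute on <%s>: %r" % (attr, tag, value))
    print("lxml 4.6.2 fixed?", is_fixed_lxml("4.6.2"))
```

Run the checker on cleaned markup before storing or rendering it, and treat any finding as a sanitizer failure rather than trying to patch the string in place. Pair it with `is_fixed_lxml(lxml.__version__)` at application start-up; keeping `safe_attrs_only=True` (the Cleaner default) closes this particular gap on older releases, but the version check is what confirms the upstream fix is actually installed.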

Vulnerability Trend

Vulnerable Products

lxml lxml

debian debian linux 9.0

debian debian linux 10.0

fedoraproject fedora 33

fedoraproject fedora 34

netapp snapcenter -

oracle zfs storage appliance kit 8.8

Vendor Advisories

Debian Bug report logs - #985643 lxml: CVE-2021-28957. Package: src:lxml; Maintainer for src:lxml is Matthias Klose <doko@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 21 Mar 2021 09:24:01 UTC; Severity: important; Tags: security, upstream; Found in version lxml/4.6.2-1; Forwarded to ht ...
Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack. For the stable distribution (buster), this problem has been fixed in version 4.3.2-1+deb10u3. We recommend that you upgrade your lxml packages. For t ...
A flaw was found in python-lxml. The HTML5 formaction attribute is not input sanitized like the HTML action attribute is, which can lead to a Cross-Site Scripting attack (XSS) when an application uses python-lxml to sanitize user inputs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit ...
python-lxml 4.6.2 places the HTML action attribute into defs.link_attrs (in html/defs.py) for later use in input sanitization, but does not do the same for the HTML5 formaction attribute ...