Python-Markdown2 Project: >> Python-Markdown2 >> 2.3.6 Security Vulnerabilities
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
CVSS Score
6.1
EPSS Score
0.008
Published
2020-04-20