CVE-2017-15612

Published October 19th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.

lepture/mistune

A fast yet powerful Python Markdown parser with renderers and plugins.

GitHub

3.04K