mutation XSS via whitelisted math or svg and raw tag in Bleach
Description
Reviewed
Mar 23, 2020
Published to the GitHub Advisory Database
Mar 24, 2020
Published by the National Vulnerability Database
Mar 24, 2020
Last updated
Jan 28, 2023
Impact
A mutation XSS affects users calling
bleach.clean
with all of:svg
ormath
in the allowed/whitelisted tagsstrip=False
Patches
Users are encouraged to upgrade to bleach v3.1.2 or greater.
Workarounds
bleach.clean
calls to usestrip=True
, or not whitelistmath
orsvg
tags and one or more of the following tags:unsafe-inline
andunsafe-eval
script-src
s) will also help mitigate the risk.References
Credits
For more information
If you have any questions or comments about this advisory:
References