| - module: github.com/microcosm-cc/bluemonday |
| - package: github.com/microcosm-cc/bluemonday |
| An XSS injection was possible because the sanitization of the Cyrillic |
| character i bypass a protection mechanism against user-inputted HTML elements |
| such as the <script> tag. |
| published: 2021-05-18T21:07:37Z |
| - fix: https://github.com/microcosm-cc/bluemonday/commit/524f142fe46e945b7dcd291d7805c4b7dcf75bee |
| - web: https://github.com/microcosm-cc/bluemonday/issues/111 |
| - web: https://github.com/microcosm-cc/bluemonday/releases/tag/v1.0.5 |