lxml
Page content
- Author: kikadf
- Vulnerable: 2.3-1
- Unaffected: 2.3.5-1arcturus1
It was discovered that the lxml.html.clean module incorrectly stripped control characters. An attacked could potentially exploit this to conduct cross-site scripting (XSS) attacks.