CVE-2021-28957

Severity: medium

Description

An XSS vulnerability was discovered in python-lxml's clean module in versions before 4.6.3. When the safe_attrs_only and forms arguments are both disabled, the Cleaner class does not remove the formaction attribute, allowing JavaScript to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JavaScript in the browsers of users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
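The description names the Cleaner settings (safe_attrs_only and forms both disabled) under which lxml before 4.6.3 leaves formaction in place. The following is an added example, not lxml's own code and not part of the advisory: a post-sanitization audit built only on the Python standard library's HTMLParser that flags a surviving formaction attribute, inline event-handler attributes and javascript: URLs in output that is supposed to be clean. It gives a deployment still on an affected version a second check behind the sanitizer, and serves as a regression test after upgrading to 4.6.3. The function names (audit_sanitized_html, is_clean) and the sample fragments are constructed for this example.

```python
"""Post-sanitization audit for HTML that should already have been cleaned.

Added example, independent of lxml: it walks the cleaned fragment with the
standard library's HTMLParser and reports attributes an XSS-oriented
sanitizer should never let through, in particular the `formaction`
attribute that CVE-2021-28957 concerns.
"""
from html.parser import HTMLParser

# Attribute names that carry a URL; a javascript: scheme in any of them
# executes script on click or submit.
URL_ATTRS = {"href", "src", "action", "formaction", "xlink:href"}


class AttrAudit(HTMLParser):
    """Collect (tag, attribute, reason) triples for dangerous attributes."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser hands attribute names in lower case; values may be None
        # for bare attributes such as <button formaction>.
        for name, value in attrs:
            lname = name.lower()
            val = (value or "").strip().lower()
            if lname == "formaction":
                # The attribute lxml < 4.6.3 left in place under the settings
                # named in the advisory; it overrides where the enclosing
                # form submits, regardless of the value it carries.
                self.findings.append((tag, lname, "formaction override"))
            elif lname.startswith("on"):
                self.findings.append((tag, lname, "event handler"))
            elif lname in URL_ATTRS and val.startswith("javascript:"):
                self.findings.append((tag, lname, "javascript: URL"))


def audit_sanitized_html(fragment):
    """Return the list of findings for an already-sanitized HTML fragment."""
    parser = AttrAudit()
    parser.feed(fragment)
    parser.close()
    return parser.findings


def is_clean(fragment):
    """True when the audit finds nothing to report."""
    return not audit_sanitized_html(fragment)


# Constructed samples: a fragment in which a sanitizer kept formaction on a
# button, and the same fragment with the attribute stripped.
BAD_OUTPUT = (
    '<form action="/comment">'
    '<button formaction="javascript:alert(1)">Post</button>'
    "</form>"
)
GOOD_OUTPUT = '<form action="/comment"><button>Post</button></form>'

if __name__ == "__main__":
    for label, frag in (("unsafe", BAD_OUTPUT), ("safe", GOOD_OUTPUT)):
        print(label, audit_sanitized_html(frag))
```

The audit is deliberately narrower than a sanitizer: it reports the attribute classes the advisory's bypass relies on rather than trying to rewrite the fragment, so a non-empty result is a signal that the upstream cleaner configuration needs fixing, not a substitute for upgrading lxml.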

References

https://bugs.launchpad.net/lxml/+bug/1888153

https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270

https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html

https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999

https://www.debian.org/security/2021/dsa-4880

https://security.netapp.com/advisory/ntap-20210521-0004/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-03-21

Updated: 2021-12-06

Type: CWE-79

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

25 plugins in total.

ID     | Name                                                                                   | Product | Family                            | Severity
156552 | EulerOS Virtualization 3.0.2.6 : python-lxml (EulerOS-SA-2021-2907)                    | Nessus  | Huawei Local Security Checks      | medium
156383 | EulerOS Virtualization 3.0.2.0 : python-lxml (EulerOS-SA-2021-2830)                    | Nessus  | Huawei Local Security Checks      | medium
155987 | Oracle Linux 8 : python27:2.7 (ELSA-2021-4151)                                         | Nessus  | Oracle Linux Local Security Checks | critical
155969 | Oracle Linux 8 : python38:3.8 / and / python38-devel:3.8 (ELSA-2021-4162)              | Nessus  | Oracle Linux Local Security Checks | critical
155967 | Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2021-4160)              | Nessus  | Oracle Linux Local Security Checks | critical
155500 | EulerOS Virtualization 2.9.1 : python-lxml (EulerOS-SA-2021-2732)                      | Nessus  | Huawei Local Security Checks      | medium
155482 | EulerOS Virtualization 2.9.0 : python-lxml (EulerOS-SA-2021-2792)                      | Nessus  | Huawei Local Security Checks      | medium
155201 | RHEL 8 : python-lxml (RHSA-2021:4158)                                                  | Nessus  | Red Hat Local Security Checks     | medium
155200 | RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2021:4160)                          | Nessus  | Red Hat Local Security Checks     | critical
155193 | RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2021:4162)                          | Nessus  | Red Hat Local Security Checks     | critical
155151 | RHEL 8 : python27:2.7 (RHSA-2021:4151)                                                 | Nessus  | Red Hat Local Security Checks     | critical
155064 | CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2021:4162)                        | Nessus  | CentOS Local Security Checks      | critical
155049 | CentOS 8 : python27:2.7 (CESA-2021:4151)                                               | Nessus  | CentOS Local Security Checks      | critical
155041 | CentOS 8 : python-lxml (CESA-2021:4158)                                                | Nessus  | CentOS Local Security Checks      | medium
155040 | CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2021:4160)                        | Nessus  | CentOS Local Security Checks      | critical
154366 | EulerOS 2.0 SP3 : python-lxml (EulerOS-SA-2021-2610)                                   | Nessus  | Huawei Local Security Checks      | medium
153761 | EulerOS 2.0 SP5 : python-lxml (EulerOS-SA-2021-2517)                                   | Nessus  | Huawei Local Security Checks      | medium
153727 | EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-2563)                                   | Nessus  | Huawei Local Security Checks      | medium
153722 | EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2021-2539)                                   | Nessus  | Huawei Local Security Checks      | medium
153646 | EulerOS 2.0 SP8 : python-lxml (EulerOS-SA-2021-2483)                                   | Nessus  | Huawei Local Security Checks      | medium
152781 | RHEL 7 : rh-python38 (RHSA-2021:3254)                                                  | Nessus  | Red Hat Local Security Checks     | critical
152378 | Photon OS 4.0: Python3 PHSA-2021-4.0-0072                                              | Nessus  | PhotonOS Local Security Checks    | medium
148244 | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : lxml vulnerability (USN-4896-1)     | Nessus  | Ubuntu Local Security Checks      | medium
148234 | Debian DSA-4880-1 : lxml - security update                                             | Nessus  | Debian Local Security Checks      | medium
148173 | Debian DLA-2606-1 : lxml security update                                               | Nessus  | Debian Local Security Checks      | medium