CVE-2020-6816 vulnerability in Mozilla and Other Products
Published on March 24, 2020

In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.

Github Repository Vendor Advisory NVD

Products Associated with CVE-2020-6816

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-6816 are published in these products:

Mozilla Bleach

Fedora Project Fedora

Canonical Ubuntu Linux

Vulnerable Packages

The following package name and versions may be associated with CVE-2020-6816

Package Manager	Vulnerable Package	Versions	Fixed In
pip	bleach	< 3.1.2	3.1.2

Exploit Probability

EPSS

0.42%

Percentile

61.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6816 vulnerability in Mozilla and Other ProductsPublished on March 24, 2020

Products Associated with CVE-2020-6816

Vulnerable Packages

Exploit Probability

CVE-2020-6816 vulnerability in Mozilla and Other Products
Published on March 24, 2020