wikimedia/parsoid Security Advisories for v0.12.0-a21 (1)
-
[MEDIUM] Parsoid comment fostering allows for inserting mostly arbitrary <meta> tags
PKSA-kfdm-v91n-smy3 CVE-2021-30458 GHSA-5pqx-77vf-85rw
Affected version: <0.12.2
Reported by:
GitHub, FriendsOfPHP/security-advisories