cvedb.io
CVE-2017-15612
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2017-10-19T08:29:00.920 · Last modified 2026-06-17T01:07:57.677

Summary

mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline (such as in java\nscript:) or a crafted email address, related to the escape and autolink functions.

Affected products

mistune_project — mistune

Does this affect you?

Add your gear to cvedb and we'll alert you only when mistune_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.