CVE-2020-27783 - AskarLabs CVE Database

CVE-2020-27783

Vendor N/A

Product python-lxml

Weakness CWE-79 · XSS

Published December 3, 2020

Last update December 17, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

Key dates

02Disclosure timeline

December 3, 2020 CVE published

December 17, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-27783 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-33643 WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerability CVE-2024-51596 WordPress Business plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability CVE-2026-27169 OpenSift: Persistent XSS Chat Tool Rendering CVE-2024-8741 Beam me up Scotty – Back to Top Button <= 1.0.21 - Reflected Cross-Site Scripting CVE-2025-12398 Product Table for WooCommerce <= 5.0.8 - Reflected Cross-Site Scripting