Maksim Kochkin

1 exploit Active since May 2014
CVE-2014-3146 EXPLOITDB MEDIUM text WORKING POC
lxml < 3.3.5 - Cross-Site Scripting via Control Characters in Link Scheme
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
CVSS 6.1