Advisory #4 - RyotaK's Vuln DB

Advisory #4

Title	bluemonday cross-site scripting via uppercase Cyrillic i
CVE ID	CVE-2021-29272
Vendor	Microcosm
Affected product	bluemonday
Affected versions	- 1.0.4
Vulnerability type	CWE-79 (Cross-site Scripting)
Description	bluemonday has a vulnerability that allows an attacker to bypass sanitization via the uppercase Cyrillic i.
Status	Fixed in 1.0.5
Recommendation	Update to version 1.0.5 or later.