id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
455	An attacker can bypass HTML sanitization based on CSS	jomae	hodgestar	"The current `HTMLSanitizer` has XSS vulnerabilities based on CSS. The details are in http://heideri.ch/jso/#80, http://heideri.ch/jso/#61 and http://openmya.hacker.jp/hasegawa/security/expression.txt.

The same issue in Trac has been fixed in trac:r10788 and I hope the [trac:source:branches/0.12-stable/trac/util/tests/html.py unit tests] are helpful."	defect	closed	critical	0.6.1	General	0.6	fixed		
