CVE-2022-23499 — Cross-site Scripting in Html Sanitizer

CWE-79 — Cross-site Scripting4 documents4 sources

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 53.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Typo3 Html Sanitizer Typo3 CMS Typo3 Html-sanitizer

Timeline

PublishedDec 13

Description

HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized due to a parsing issue in the upstream package masterminds/html5. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. The upstream package masterminds/html5 provides HTML raw text elements (`script`, `style…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages4 packages

▶NVDtypo3/html_sanitizer2.0.0 — 2.1.1+1

▶Packagisttypo3/html-sanitizer1.0.0 — 1.5.0+1

▶CVEListV5typo3/html-sanitizer>= 1.0.0, < 1.5.0, >= 2.0.0, < 2.1.1+1

▶Packagisttypo3/cms10.0.0 — 10.4.33+2

🔴Vulnerability Details

CVEList

Cross-Site Scripting Protection bypass in HTML Sanitizer↗2022-12-13

▶

GHSA

TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting↗2022-12-13

▶

OSV

TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting↗2022-12-13

▶