CVE-2023-47125
published 2023-11-14CVE-2023-47125: TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled…
PriorityP425medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.57%
43.1th percentile
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | html-sanitizer | — | — |
| typo3 | html-sanitizer | — | — |
| typo3 | html-sanitizer | >= 1.0.0 < 1.5.3 | 1.5.3 |
| typo3 | html-sanitizer | >= 2.0.0 < 2.1.4 | 2.1.4 |
| typo3 | html_sanitizer | >= 1.0.0 < 1.5.3 | 1.5.3 |
| typo3 | html_sanitizer | >= 2.0.0 < 2.1.4 | 2.1.4 |
| typo3 | typo3 | >= 10.4.19 < 10.4.41 | 10.4.41 |
| typo3 | typo3 | >= 11.3.2 < 11.5.33 | 11.5.33 |
| typo3 | typo3 | >= 12.0.0 < 12.4.8 | 12.4.8 |
| typo3 | typo3 | >= 8.7.42 < 8.7.55 | 8.7.55 |
| typo3 | typo3 | >= 9.5.29 < 9.5.44 | 9.5.44 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
ghsa·2023-11-14
CVE-2023-47125 [MEDIUM] CWE-79 Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
> ### CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (4.4)
### Problem
DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of [`typo3/html-sanitizer`](https://packagist.org/packages/typo3/html-sanitizer).
### Solution
Update to `typo3/html-sanitizer` versions 1.5.3 or 2.1.4 that fix the problem described.
### Credits
Thanks to Yaniv Nizry and Niels Dossche who reported this issue, and to TYPO3 core & security team member Oliver Hader who fixed the issue.
### References
* [TYPO3-CORE-SA-2023-007](https://typo3.org/security/advisory/typo3-core-sa-2023-007)
* [Context & Details at `masterminds/html5`](https://github.com/Masterminds/html5-php/is
OSV
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
osv·2023-11-14
CVE-2023-47125 [MEDIUM] Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
> ### CVSS: `CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C` (4.4)
### Problem
DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of [`typo3/html-sanitizer`](https://packagist.org/packages/typo3/html-sanitizer).
### Solution
Update to `typo3/html-sanitizer` versions 1.5.3 or 2.1.4 that fix the problem described.
### Credits
Thanks to Yaniv Nizry and Niels Dossche who reported this issue, and to TYPO3 core & security team member Oliver Hader who fixed the issue.
### References
* [TYPO3-CORE-SA-2023-007](https://typo3.org/security/advisory/typo3-core-sa-2023-007)
* [Context & Details at `masterminds/html5`](https://github.com/Masterminds/html5-php/is
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/TYPO3/html-sanitizer/commit/b8f90717251d968c49dc77f8c1e5912e2fbe0dffhttps://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-mm79-jhqm-9j54https://typo3.org/security/advisory/typo3-core-sa-2023-007https://github.com/TYPO3/html-sanitizer/commit/b8f90717251d968c49dc77f8c1e5912e2fbe0dffhttps://github.com/TYPO3/html-sanitizer/security/advisories/GHSA-mm79-jhqm-9j54https://typo3.org/security/advisory/typo3-core-sa-2023-007
2023-11-14
Published