107 matches found
GHSA-76MC-F452-CXCM DOMPurify: Hook mutation of `data.allowedTags` / `data.allowedAttributes` permanently pollutes `DEFAULT_ALLOWED_TAGS` / `DEFAULT_ALLOWED_ATTR`
Hook mutation of data.allowedTags / data.allowedAttributes permanently pollutes DEFAULTALLOWEDTAGS / DEFAULTALLOWEDATTR CWE: CWE-501 Trust Boundary Violation — hook-scoped mutation leaks to global default sets via CWE-693 Protection Mechanism Failure — the default allow-list is silently widened f...
DOMPurify: Hook mutation of `data.allowedTags` / `data.allowedAttributes` permanently pollutes `DEFAULT_ALLOWED_TAGS` / `DEFAULT_ALLOWED_ATTR`
Hook mutation of data.allowedTags / data.allowedAttributes permanently pollutes DEFAULTALLOWEDTAGS / DEFAULTALLOWEDATTR CWE: CWE-501 Trust Boundary Violation — hook-scoped mutation leaks to global default sets via CWE-693 Protection Mechanism Failure — the default allow-list is silently widened f...
CVE-2026-40186
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...
Astra Linux - уязвимость в python-bleach
A mutation XSS affects users who call bleachclean with any of the following tags: svg or math within the allowed tags p or br in allowed tags, style, title, noscript, script, textarea, noframes, iframe, or xmp within allowed tags. The keyword argument is stripcomments=False. Note: None of the abo...
Astra Linux - уязвимость в ruby-rails-html-sanitizer
Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there was a potential XSS vulnerability with certain configurations of Rails::Html::Sanitizer, due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer might allow an attacke...
Astra Linux – Vulnerability in ruby-rails-html-sanitizer
Possible XSS Vulnerability in Rails::Html::Sanitizer There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Vulnerabilities affected: ALL Not affected: NONEMeaning: Fixed versions: v1.4.3...
GHSA-9MRH-V2V3-XPFM sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements
Summary Commit 49d0bb7 introduced a regression in sanitize-html that bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option. Entity-encoded HTML inside these elements passes through the sanitizer as decoded, unescaped HTML, allowing injection of arbitrary...
EUVD-2026-23110
sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements...
sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements
Summary Commit 49d0bb7 introduced a regression in sanitize-html that bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option. Entity-encoded HTML inside these elements passes through the sanitizer as decoded, unescaped HTML, allowing injection of arbitrary...
Cross-site Scripting (XSS)
Overview sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis Affected versions of this package are vulnerable to Cross-site Scripting XSS in sanitizeHtml, when entity-encoded text is present...
CVE-2026-40186
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...
CVE-2026-40186
ApostropheCMS is affected by CVE-2026-40186 due to a regression in sanitize-html (commit 49d0bb7) that bypasses allowedTags for text inside nonTextTagsArray elements (textarea, option). Versions: the vulnerability exists in ApostropheCMS 4.28.0 via its sanitize-html dependency (2.17.1). The root ...
CVE-2026-40186 ApostropheCMS: sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...
CVE-2026-40186 ApostropheCMS: sanitize-html allowedTags Bypass via Entity-Decoded Text in nonTextTags Elements
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...
CVE-2026-40186
ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasses allowedTags enforcement for text inside nonTextTagsArray elements textarea and option...
PT-2026-33174
Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.0 sanitize-html version 2.17.1 Description A regression in the sanitize-html package allows a bypass of allowedTags enforcement for text within nonTextTagsArray elements, specifically textarea and option. T...
CVE-2026-33979
Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data in req.body, req.query, req.headers and req.params to prevent Cross Site Scripting XSS attack. A vulnerability has been identified in versions prior to 2.0.2 where restrictive sanitization configurations are...
CVE-2026-33979
Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data in req.body, req.query, req.headers and req.params to prevent Cross Site Scripting XSS attack. A vulnerability has been identified in versions prior to 2.0.2 where restrictive sanitization configurations are...
CVE-2026-33979 Express XSS Sanitizer: allowedTags/allowedAttributes bypass leads to permissive sanitization (XSS risk)
Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data in req.body, req.query, req.headers and req.params to prevent Cross Site Scripting XSS attack. A vulnerability has been identified in versions prior to 2.0.2 where restrictive sanitization configurations are...
CVE-2026-33979 Express XSS Sanitizer: allowedTags/allowedAttributes bypass leads to permissive sanitization (XSS risk)
Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data in req.body, req.query, req.headers and req.params to prevent Cross Site Scripting XSS attack. A vulnerability has been identified in versions prior to 2.0.2 where restrictive sanitization configurations are...