43 matches found
GHSA-GJ48-438W-JH9V Bleach clean() / Cleaner() fails to sanitize dangerous URI schemes in allowed formaction attributes
Summary Bleach clean / Cleaner fails to sanitize dangerous URI schemes in allowed formaction attributes. Bleach applies URI protocol sanitization only to attributes listed in attrvalisuri. While URI-bearing attributes such as action, href, src, and poster are included in that set, formaction is...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS incomplete validation of URI schemes in attributes such as action, formaction, data, poster, and background. An attacker can execute arbitrary scripts in the context of the user’s browser by injecting a crafted...
CVE-2026-53606 sanitize-html has an incomplete URI scheme validation that allows javascript: URIs through action, formaction, data, poster, and background attributes
ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use allowedSchemesAppliedToAttributes default: 'href', 'src', 'cite' to gate the naughtyHref function that blocks...
CVE-2026-53606
A CVE-2026-53606 entry concerns ApostropheCMS (Node.js) and its dependency sanitize-html. The issue arises in sanitize-html versions prior to 2.17.5, where allowedSchemesAppliedToAttributes (default: ['href','src','cite']) do not cover all URI-bearing attributes (e.g., action, formaction, data, p...
Symfony's HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite — `javascript`: URI Survives Sanitization (XSS)
Description symfony/html-sanitizer lets applications sanitise untrusted HTML. UrlAttributeSanitizer is the visitor responsible for validating URL-valued attributes and stripping dangerous schemes from them; it runs on every element regardless of configuration. Whether an attribute is kept is...
PT-2026-44727
Name of the Vulnerable Software and Affected Versions symfony/html-sanitizer versions prior to 6.4 Description The UrlAttributeSanitizer visitor fails to validate the schemes of several URL-valued attributes because they are missing from the getSupportedAttributes list. Specifically, the action...
Cross-site Scripting (XSS)
Overview symfony/html-sanitizer is a Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM. Affected versions of this package are vulnerable to Cross-site Scripting XSS via incomplete URL attribute validation in UrlAttributeSanitizer. An attacke...
Astra Linux – Vulnerability in lxml
A XSS vulnerability was discovered in the clean module of python-lxml’s versions prior to 4.6.3. When the “safe attrsOnly” and “forms” arguments are disabled, the Cleaner class does not remove the “formaction” attribute, allowing JavaScript to bypass the sanitizer. A remote attacker could exploit...
Payload-XSS
Payload-XSS Daftar Isi 1. Payload Dasar 1-20payload-...
MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...
EUVD-2018-6836
Malware in sbrugna...
Medium: python-lxml
Issue Overview: An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this...
GHSA-4H54-VWX9-3VR3 Silverstripe XSS In FormAction
A cross-site scripting vulnerability has been discovered in the FormAction field where a user-specified title may be specified...
Silverstripe XSS In FormAction
A cross-site scripting vulnerability has been discovered in the FormAction field where a user-specified title may be specified...
Mars: Reflected XSS on formaction parameter
The formaction parameter of the target application was found to contain a reflected Cross-Site Scripting XSS vulnerability. User-supplied data was reflected back without proper sanitization, allowing for the injection of malicious JavaScript code. The issue was compounded by potential cache...
SUSE CVE-2018-14954
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute...
SUSE CVE-2021-28957
An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run...
Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting (XSS)
Exploit Title: Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting XSS Exploit Author: LiquidWorm enteliTouch XSS input type="hidden" nam...
python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
A flaw was found in python-lxml. The HTML5 formaction attribute is not input sanitized like the HTML action attribute is which can lead to a Cross-Site Scripting attack XSS when an application uses python-lxml to sanitize user inputs. The highest threat from this vulnerability is to data...
python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
A flaw was found in python-lxml. The HTML5 formaction attribute is not input sanitized like the HTML action attribute is which can lead to a Cross-Site Scripting attack XSS when an application uses python-lxml to sanitize user inputs. The highest threat from this vulnerability is to data...