Lucene search
+L

616 matches found

OSV
OSV
added 4 days ago4 views

CVE-2026-48761 Symfony: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on <object>, <applet>, <iframe>, <img> and the URL Inside <meta http-equiv="refresh"> content

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0 until 6.4.41, 7.4.13, and 8.0.13, UrlAttributeSanitizer::getSupportedAttributes omitted URL-bearing attributes on , , , and , and URLs inside content bypassed URL sanitization, allowing...

5.3CVSS6.1AI score0.00268EPSS
Exploits0References7
CVE
CVE
added 4 days ago25 views

CVE-2026-45753

Symfony HtmlSanitizer UrlAttributeSanitizer omits action, formaction, poster, and cite URL-valued attributes, allowing javascript: URIs to bypass sanitization and enable XSS when forms or buttons are used. Affected: Symfony components prior to versions 6.4.40, 7.4.12, and 8.0.12. Mitigation: upgr...

6.1CVSS6.1AI score0.00297EPSS
Exploits0References5Affected Software1
OSV
OSV
added 4 days ago4 views

CVE-2026-45753 Symfony: HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite — javascript: URI Survives Sanitization (XSS)

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, UrlAttributeSanitizer::getSupportedAttributes omits URL-valued attributes including action, formaction, poster, and cite, so configurations that adm...

2.1CVSS6.1AI score0.00297EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago27 views

CVE-2026-45066 Symfony: HtmlSanitizer allowLinkHosts() / allowMediaHosts() Bypass via URL-Parser Differentials and <area> Misclassification

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, HtmlSanitizer URL sanitization can allow off-allowlist URLs through allowLinkHosts or allowMediaHosts because UrlSanitizer::parse follows RFC 3986...

2.3CVSS0.0029EPSS
Exploits0References5
CVE
CVE
added 4 days ago16 views

CVE-2026-45066

CVE-2026-45066 affects Symfony’s HtmlSanitizer: URL sanitization bypass due to UrlSanitizer::parse() following RFC 3986 while browsers use WHATWG, and because is checked against the media policy instead of the link policy. Affected versions: 6.1.0-BETA1–6.4.40, 7.4.12, and 8.0.12. Impact: off-al...

6.1CVSS6.1AI score0.0029EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 8:35 p.m.4 views

CVE-2026-58263

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.28, the built-in clean-html sanitizer can be bypassed by a MathML/...

7.2CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:0 p.m.8 views

CVE-2026-52781

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants elements unrestricted data- attributes via :data wildcard. An attacker injects data-controller="poll-for-changes" into a work package description, causing Stimulus.js to mount ...

6.4CVSS5.9AI score0.0015EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52912

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.3 OpenProject versions prior to 17.4.1 Description The HTML sanitizer allows elements to have unrestricted data- attributes through a :data wildcard. An attacker can inject data-controller="poll-for-changes"...

6.4CVSS6.1AI score0.0015EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:21 p.m.4 views

CVE-2026-54759 SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious in a Bazaar package README that executes arbitrary...

8.7CVSS6.1AI score0.00262EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/15 4:46 p.m.14 views

Symfony: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes

Description Symfony\Component\HtmlSanitizer\Visitor\AttributeSanitizer\UrlAttributeSanitizer::getSupportedAttributes enumerates the attribute names whose values are scrubbed through UrlSanitizer::sanitize scheme and host allow-lists, javascript: rejection, BiDi check, etc.. The list is 'src',...

6.1CVSS5.3AI score0.00268EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2026/06/12 8:7 p.m.15 views

TYPO3 HTML Sanitizer allows Cross-site Scripting

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2. Credits to Doyensec in collaboration with Claude and Anthropic Research for reporting this vulnerability...

5.1CVSS4.9AI score0.00366EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/12 7:6 p.m.14 views

TYPO3 HTML Sanitizer allows Cross-site Scripting

When ALLOWINSECURERAWTEXT is enabled, whitespace-variant closing tags e.g., are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitiz...

2.1CVSS4.9AI score0.00282EPSS
Exploits0References6Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.6 views

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2026:0183-1 Rating: important References: 1266329 1266331 1266332 1266333 1266334 1266335 1266336 1266337 Cross-References: CVE-2026-48842 CVE-2026-48843 CVE-2026-48844 CVE-2026-48845 CVE-2026-48846...

8.1CVSS5.9AI score0.00764EPSS
Exploits1References8
NVD
NVD
added 2026/06/08 8:17 p.m.13 views

CVE-2026-47344

When ALLOWINSECURERAWTEXT is enabled, whitespace-variant closing tags e.g., are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitiz...

2.1CVSS0.00282EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 8:17 p.m.14 views

CVE-2026-47345

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...

5.1CVSS0.00366EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2026/06/08 8:0 p.m.9 views

TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting

More info at https://typo3.org/security/advisory/typo3-core-sa-2026-006...

2.1CVSS5.4AI score0.00282EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2026/06/08 8:0 p.m.8 views

TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting

More info at https://typo3.org/security/advisory/typo3-core-sa-2026-006...

5.1CVSS5.4AI score0.00366EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 7:4 p.m.10 views

CVE-2026-47345 TYPO3 HTML Sanitizer allows Cross-Site Scripting

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...

5.1CVSS5.2AI score0.00366EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 7:4 p.m.8 views

CVE-2026-47345

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...

5.1CVSS5.2AI score0.00366EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 7:4 p.m.31 views

CVE-2026-47345

The CVE-2026-47345 issue affects the TYPO3 html-sanitizer component prior to version 2.3.2, where namespace attributes are not encoded correctly during HTML serialization, enabling bypass of the built-in XSS prevention. The underlying impact is a cross-site scripting risk in affected TYPO3 deploy...

5.1CVSS5.2AI score0.00366EPSS
Exploits0References2
Rows per page
Query Builder