CVE-2026-47345

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...

HTML Sanitizer 跨站脚本漏洞

HTML Sanitizer is an HTML security filtering component open-sourced by the TYPO3 GitHub Department. Versions of HTML Sanitizer prior to 2.3.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from incorrect encoding of namespace attributes during HTML serialization, which...