CVE-2026-25543 HtmlSanitizer has a bypass via template tag

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. Prior to versions 9.0.892 and 9.1.893-beta, if the template tag is allowed, its contents are not sanitized. The template tag is a special tag that does not usually render its...

PT-2026-6321

Name of the Vulnerable Software and Affected Versions HtmlSanitizer versions prior to 9.0.892 HtmlSanitizer versions prior to 9.1.893-beta Description HtmlSanitizer is a .NET library designed to prevent cross-site scripting XSS attacks by cleaning HTML fragments and documents. Before versions...