GHSA-mm79-jhqm-9j54

Suggest an improvement
Source
https://github.com/advisories/GHSA-mm79-jhqm-9j54
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-mm79-jhqm-9j54/GHSA-mm79-jhqm-9j54.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-mm79-jhqm-9j54
Aliases
Published
2023-11-14T20:33:27Z
Modified
2024-02-16T08:00:07.350747Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer
Details

CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C (4.4)

Problem

DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer.

Solution

Update to typo3/html-sanitizer versions 1.5.3 or 2.1.4 that fix the problem described.

Credits

Thanks to Yaniv Nizry and Niels Dossche who reported this issue, and to TYPO3 core & security team member Oliver Hader who fixed the issue.

References

References

Affected packages

Packagist / typo3/html-sanitizer

Package

Name
typo3/html-sanitizer
Purl
pkg:composer/typo3/html-sanitizer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.0.0
Fixed
1.5.3

Affected versions

v1.*

v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.5.0
v1.5.1
v1.5.2

Database specific 

{
    "last_known_affected_version_range": "<= 1.5.2"
}

Packagist / typo3/html-sanitizer

Package

Name
typo3/html-sanitizer
Purl
pkg:composer/typo3/html-sanitizer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.0.0
Fixed
2.1.4

Affected versions

v2.*

v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.0.10
v2.0.11
v2.0.12
v2.0.13
v2.0.14
v2.0.15
v2.0.16
v2.1.0
v2.1.1
v2.1.2
v2.1.3

Database specific 

{
    "last_known_affected_version_range": "<= 2.1.3"
}