HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. Prior to versions 9.0.892 and 9.1.893-beta, if the template tag is allowed, its contents are not sanitized. The template tag is a special tag that does not usually render its contents, unless the shadowrootmode attribute is set to open or closed.
This issue has been patched in versions 9.0.892 and 9.1.893-beta.
Attack Parameters
Attack Vector
Network
Атака возможна удалённо
Attack Complexity
Low
Легко эксплуатировать
Attack Requirements
Present
Нужны дополнительные условия
Privileges Required
None
Права не нужны
User Interaction
None
Не нужно действие пользователя
Impact Assessment
Confidentiality
None
Нет утечки данных
Integrity
None
Нет модификации данных
Availability
None
Нет нарушения работы
CVSS Vector v4.0
Weakness Type (CWE)
References 4
https://github.com/mganss/HtmlSanitizer/commit/0ac53dca30ddad963f2b243669a50669…
security-advisories@github.com
https://github.com/mganss/HtmlSanitizer/security/advisories/GHSA-j92c-7v7g-gj3f
security-advisories@github.com
https://www.nuget.org/packages/HtmlSanitizer/9.0.892
security-advisories@github.com
https://www.nuget.org/packages/HtmlSanitizer/9.1.893-beta
security-advisories@github.com