Alt Linux · Alt Linux · CVE-2025-22872
**Name of the Vulnerable Software and Affected Versions**
The product name cannot be determined.
**Description**
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. This can result in such tags being marked as self-closing when directly using Tokenizer, and when using the Parse functions, content following such tags can be placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.