PT-2023-26481 · Typo3 · Typo3/Html-Sanitizer

David Klein

Published

2023-07-25

Updated

2023-08-02

CVE-2023-38500

CVSS v3.1

4.7

Medium

Vector

AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions TYPO3 HTML Sanitizer versions 1.0.0 through 1.5.1 TYPO3 HTML Sanitizer versions 1.0.0 through 2.1.2

Description The issue arises from an encoding problem in the serialization layer of TYPO3 HTML Sanitizer, allowing malicious markup nested in a noscript element to bypass the cross-site scripting mechanism. The noscript element is disabled by default but may be enabled in custom configurations. This enables the bypassing of the cross-site scripting protection provided by TYPO3 HTML Sanitizer.

Recommendations Update to version 1.5.1 or 2.1.2 to fix the issue. As a temporary workaround, consider disabling the noscript element in custom configurations until the update is applied.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-38500

GHSA-59JF-3Q9V-RH6G

Affected Products

Typo3/Html-Sanitizer

PT-2023-26481 · Typo3 · Typo3/Html-Sanitizer

CVE-2023-38500

Weakness Enumeration

Related Identifiers

Affected Products

References · 9