PT-2025-1297 · Katex+3

Nsysean · Published 2025-01-17 · Updated 2025-09-08 · CVE-2025-23207

CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: KaTeX versions prior to 0.16.21

Description: The issue is in the renderToString function of the KaTeX JavaScript library, which renders mathematical expressions. It is caused by incorrect encoding or escaping of output when handling the htmlData command. This could allow a remote attacker to execute arbitrary code. Users who render untrusted mathematical expressions with renderToString could encounter malicious input using htmlData that runs arbitrary JavaScript or generates invalid HTML.

Recommendations: For versions prior to 0.16.21, upgrade to KaTeX v0.16.21 to remove this vulnerability. As a temporary workaround, consider turning off the trust option or setting it to forbid htmlData commands. Forbid inputs containing the substring "htmlData". Sanitize HTML output from KaTeX to minimize the risk of exploitation.
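The workaround above, as an added example that is not part of this advisory or of the KaTeX project: a `trust` callback that denies the htmlData command (KaTeX passes the macro name in `context.command`, e.g. `"\\htmlData"`, and the URL scheme in `context.protocol` for URL commands), plus the "htmlData" substring screen. `renderUntrusted` is a hypothetical wrapper that takes the `katex` module as an argument so the policy can be exercised without the library installed.

```javascript
// Added example (not KaTeX's own code): trust policy for katex.renderToString
// that refuses \htmlData, matching the advisory's workaround for CVE-2025-23207,
// plus the coarse "htmlData" substring screen the advisory recommends.

// Commands the policy allows KaTeX to trust, and the URL schemes they may use.
// \htmlData is deliberately absent, so it is refused by the default-deny below.
const ALLOWED_COMMANDS = new Set(["\\url", "\\href"]);
const ALLOWED_PROTOCOLS = new Set(["http", "https"]);

// trust callback: KaTeX calls this with a context object whose `command` field
// names the macro (e.g. "\\htmlData"); `protocol` is set for URL commands.
// Returning false makes KaTeX refuse the command instead of emitting raw HTML.
function trustPolicy(context) {
  if (!context || typeof context.command !== "string") return false;
  if (context.command === "\\htmlData") return false;       // the vulnerable command
  if (!ALLOWED_COMMANDS.has(context.command)) return false; // default-deny everything else
  // URL-bearing commands must also use an allowed scheme (assumption: KaTeX
  // reports the scheme in `protocol`, so "javascript" and "data" are refused).
  return ALLOWED_PROTOCOLS.has(context.protocol);
}

// Coarse input screen from the advisory: reject any expression that even
// mentions htmlData, so it never reaches the parser at all.
function containsHtmlData(tex) {
  return /htmlData/.test(tex);
}

// Hypothetical wrapper: `katex` is injected so this runs without the library.
// Returns { ok, html } rather than throwing, so callers can log rejections.
function renderUntrusted(katex, tex) {
  if (containsHtmlData(tex)) {
    return { ok: false, html: "", reason: "input contains htmlData" };
  }
  const html = katex.renderToString(tex, {
    trust: trustPolicy,   // never a bare `true` for untrusted input
    throwOnError: false,  // render parse errors as text instead of throwing
  });
  return { ok: true, html };
}
```

The rendered HTML should still be passed through an HTML sanitizer before insertion into the page, as the advisory recommends.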

Weakness Enumeration

Improper Encoding or Escaping of Output
XSS

Related Identifiers

BDU:2025-00769
CVE-2025-23207
GHSA-CG87-WMX4-V546
USN-7572-1

Affected Products

Debian
Katex
Linuxmint
Ubuntu