Possible XSS bypass if style tag is allowed

Moderate
mganss published GHSA-8j9v-h2vp-2hhv Jan 4, 2021

Package

nuget HtmlSanitizer (NuGet)

Affected versions

< 5.0.372

Patched versions

5.0.372

Description

Impact

If you have explicitly allowed the <style> tag, an attacker could craft HTML that still contains executable script after passing through the sanitizer. The default settings disallow the <style> tag, so there is no risk if you have not explicitly allowed it.

Patches

The problem has been fixed in version 5.0.372.

Workarounds

Remove the <style> tag from the set of allowed tags.
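The following is an added example, not code from the advisory or from the HtmlSanitizer project, showing how to apply the workaround in C#: it takes a sanitizer that an earlier configuration step had opted into <style>, removes that tag from the allowed set, logs any tag the sanitizer drops, and confirms on a constructed, harmless input that no <style> element survives. It assumes a 5.x release using the Ganss.XSS namespace, the AllowedTags set, the Sanitize method and the RemovingTag event; the sample input and the "added <style> earlier" step are constructed for illustration.

```csharp
// Added example (not from the advisory or the HtmlSanitizer project).
// Assumes HtmlSanitizer 5.x with the Ganss.XSS namespace.
using System;
using Ganss.XSS;

public static class SanitizerHardening
{
    // Enforce the advisory's workaround on an existing sanitizer instance:
    // make sure <style> is not in the allowed tag set, whatever was configured before.
    public static HtmlSanitizer Harden(HtmlSanitizer sanitizer)
    {
        if (sanitizer.AllowedTags.Contains("style"))
        {
            Console.WriteLine("warning: <style> was in AllowedTags; removing it (GHSA-8j9v-h2vp-2hhv)");
            sanitizer.AllowedTags.Remove("style");
        }

        // Audit hook: log every tag the sanitizer removes so stripped content is visible in logs.
        sanitizer.RemovingTag += (sender, e) =>
            Console.WriteLine($"removed tag: <{e.Tag.TagName.ToLowerInvariant()}>");

        return sanitizer;
    }

    // True when the sanitized output contains no <style> element at all.
    public static bool StyleIsStripped(HtmlSanitizer sanitizer, string html)
    {
        var clean = sanitizer.Sanitize(html);
        return clean.IndexOf("<style", StringComparison.OrdinalIgnoreCase) < 0;
    }

    public static void Main()
    {
        var sanitizer = new HtmlSanitizer();

        // Constructed for illustration: the explicit opt-in the advisory warns about.
        sanitizer.AllowedTags.Add("style");

        Harden(sanitizer);

        // Constructed sample input: a harmless stylesheet plus ordinary markup.
        const string input = "<style>p { color: red; }</style><p>hello</p>";

        Console.WriteLine(sanitizer.Sanitize(input));
        Console.WriteLine(StyleIsStripped(sanitizer, input));
    }
}
```

Run Harden once at application startup on every sanitizer instance you build, and keep the StyleIsStripped check in your test suite so a later configuration change that re-allows <style> on a version before 5.0.372 fails a test rather than reaching production.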

For more information

If you have any questions or comments about this advisory, open an issue at https://github.com/mganss/HtmlSanitizer

Credits

This issue was discovered by Michał Bentkowski of Securitum.

Severity

Moderate

CVE ID

CVE-2020-26293

Weaknesses

No CWEs