Primary

Context

TYPO3 HTML Sanitizer Namespace Attribute Encoding Vulnerability Bypassing XSS Prevention

Vulnerability

Patched

A vulnerability exists in TYPO3 HTML Sanitizer versions prior to 2.3.2, where namespace attributes are not properly encoded during HTML serialization. This flaw allows for bypassing the cross-site scripting (XSS) prevention mechanism of the sanitizer.

Impact

Exploitation of this vulnerability allows for cross-site scripting (XSS) attacks by bypassing the HTML sanitization process, potentially leading to the execution of malicious scripts in the user's browser.

Reproduction

To reproduce this vulnerability, create an HTML element with a namespace attribute that includes unencoded HTML, such as an image tag with an 'onerror' event. When this element is processed by TYPO3 HTML Sanitizer, the unencoded HTML will be executed, demonstrating the XSS bypass.

Remediation

Users should update to TYPO3 HTML Sanitizer version 2.3.2 or later, where this vulnerability has been addressed.

Added: Jun 8, 2026, 8:19 PM

Updated: Jun 8, 2026, 8:19 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

1.7

exploitability

5.4

remediation

7.7

relevance

9.3

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

1.7

exploitability

5.4

remediation

7.7

relevance

9.3

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TYPO3 HTML Sanitizer Namespace Attribute Encoding Vulnerability Bypassing XSS Prevention

Vulnerability

Impact

Reproduction

Remediation

Affected Products

TYPO3 html-sanitizer

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating