CNNVD-202602-542 Information
CNNVD ID
CNNVD-202602-542
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
HTMLSanitizer是JuliaHub开源的一个HTML格式化软件。 HTMLSanitizer 9.0.892之前版本和9.1.893-beta之前版本存在安全漏洞,该漏洞源于允许template标签时未清理其内容,可能导致跨站脚本攻击。
Description (English)
HTML Sanitizer is an HTML formatting software from the Juliehub Open Source. There was a security loophole in the previous version of HTML Sanitizer 9.0.892 and the previous version of 9.1.893-beta, which stemmed from the fact that it had not been cleared while allowing the template label, which could result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
JuliaHub
Published
2026-02-04
Last Modified
2026-02-24
References
https://github.com/mganss/HtmlSanitizer/commit/0ac53dca30ddad963f2b243669a5066933d82b81 https://github.com/mganss/HtmlSanitizer/security/advisories/GHSA-j92c-7v7g-gj3f https://www.nuget.org/packages/HtmlSanitizer/9.0.892 https://www.nuget.org/packages/HtmlSanitizer/9.1.893-beta
Patch
https://github.com/mganss/HtmlSanitizer/releases
Share on: