CVE-2021-26540

MEDIUM5.3EPSS 0.29%

Improper Input Validation in sanitize-html

Published: 5/6/2021Modified: 11/8/2023

Description

Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with "/\\example.com".

Affected packages (1)

npm/sanitize-htmlfrom 0, < 2.3.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-26540
WEBhttps://advisory.checkmarx.net/advisory/CX-2021-4309
WEBhttps://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26
WEBhttps://github.com/apostrophecms/sanitize-html/pull/460