CVE-2023-47125
- EPSS 0.34%
- Published 14.11.2023 20:15:07
- Last modified 21.11.2024 08:29:49
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. ...
CVE-2023-38500
- EPSS 0.34%
- Published 25.07.2023 21:15:11
- Last modified 21.11.2024 08:13:42
TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding...
CVE-2022-23499
- EPSS 0.04%
- Published 13.12.2022 21:15:11
- Last modified 21.11.2024 06:48:41
HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered...
CVE-2022-36020
- EPSS 0.39%
- Published 13.09.2022 17:15:08
- Last modified 21.11.2024 07:12:11
The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to a parsing issue in the upstream package `masterminds/html5`, malicious markup use...