CVE-2021-26540

Published: Feb 8, 2021Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with "/\\example.com".

Affected (1)

Products: Apostrophecms: Sanitize Html

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apostrophecms Sanitize Html	Before 2.3.2

References (6)

https://advisory.checkmarx.net/advisory/CX-2021-4309

Source: cve@mitre.org

ExploitPatchThird Party Advisory

https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26

Source: cve@mitre.org

Release NotesThird Party Advisory

https://github.com/apostrophecms/sanitize-html/pull/460

Source: cve@mitre.org

PatchThird Party Advisory

https://advisory.checkmarx.net/advisory/CX-2021-4309

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://github.com/apostrophecms/sanitize-html/pull/460

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.