GHSA-J92C-7V7G-GJ3F
Vulnerability from github – Published: 2026-02-03 19:22 – Updated: 2026-02-05 00:36
VLAI?
Summary
HtmlSanitizer has a bypass via template tag
Details
Impact
If the template tag is allowed, its contents are not sanitized. The template tag is a special tag that does not usually render its contents, unless the shadowrootmode attribute is set to open or closed.
The lack of sanitization of the template tag brings up two bypasses:
- it is still possible to forcibly render the contents of a
<template>tag through mutation XSS. The DOM parsers in browsers such as Chromium have a node depth limit of 512 and tags which are beyond that depth are flattened. This in turn allows elements within<template>(which are not sanitized) to be effectively 'popped out'. An example would look like this:<div>[...]<template><script>alert('xss')</script>where[...]denotes at least another 509 opening<div>tags. - If in addition to the template tag, the
shadowrootmodeattribute is allowed throughsanitizer.AllowedAttributes.Add("shadowrootmode");, the simple payload of<div><template shadowrootmode="open"><script>alert('xss')</script>would bypass the sanitizer. This is because such usage of<template>attaches a shadow root to its parent:<div>, and its contents will be rendered.
Note that the default configuration is not affected because the template tag is disallowed by default.
Patches
The problem has been patched in versions 9.0.892 and 9.1.893-beta.
Workarounds
Disallow the template tag. It is disallowed by default.
Resources
https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/template
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "HtmlSanitizer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.892"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "HtmlSanitizer"
},
"ranges": [
{
"events": [
{
"introduced": "9.1.878-beta"
},
{
"fixed": "9.1.893-beta"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-25543"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-03T19:22:06Z",
"nvd_published_at": "2026-02-04T22:16:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nIf the `template` tag is allowed, its contents are not sanitized. The `template` tag is a special tag that does not usually render its contents, unless the `shadowrootmode` attribute is set to `open` or `closed`. \n\nThe lack of sanitization of the template tag brings up two bypasses:\n\n1. it is still possible to forcibly render the contents of a `\u003ctemplate\u003e` tag through mutation XSS. The DOM parsers in browsers such as Chromium have a node depth limit of 512 and tags which are beyond that depth are flattened. This in turn allows elements within `\u003ctemplate\u003e` (which are not sanitized) to be effectively \u0027popped out\u0027. An example would look like this: `\u003cdiv\u003e[...]\u003ctemplate\u003e\u003cscript\u003ealert(\u0027xss\u0027)\u003c/script\u003e` where `[...]` denotes at least another 509 opening `\u003cdiv\u003e` tags.\n2. If in addition to the template tag, the `shadowrootmode` attribute is allowed through `sanitizer.AllowedAttributes.Add(\"shadowrootmode\");`, the simple payload of `\u003cdiv\u003e\u003ctemplate shadowrootmode=\"open\"\u003e\u003cscript\u003ealert(\u0027xss\u0027)\u003c/script\u003e` would bypass the sanitizer. This is because such usage of `\u003ctemplate\u003e` attaches a shadow root to its parent: `\u003cdiv\u003e`, and its contents will be rendered. \n\nNote that the default configuration is not affected because the `template` tag is disallowed by default.\n\n### Patches\n\nThe problem has been patched in versions [9.0.892](https://www.nuget.org/packages/HtmlSanitizer/9.0.892) and [9.1.893-beta](https://www.nuget.org/packages/HtmlSanitizer/9.1.893-beta).\n\n### Workarounds\n\nDisallow the `template` tag. It is disallowed by default.\n\n### Resources\n\nhttps://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/template",
"id": "GHSA-j92c-7v7g-gj3f",
"modified": "2026-02-05T00:36:50Z",
"published": "2026-02-03T19:22:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mganss/HtmlSanitizer/security/advisories/GHSA-j92c-7v7g-gj3f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25543"
},
{
"type": "WEB",
"url": "https://github.com/mganss/HtmlSanitizer/commit/0ac53dca30ddad963f2b243669a5066933d82b81"
},
{
"type": "WEB",
"url": "https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/template"
},
{
"type": "PACKAGE",
"url": "https://github.com/mganss/HtmlSanitizer"
},
{
"type": "WEB",
"url": "https://github.com/mganss/HtmlSanitizer/releases/tag/v9.0.892"
},
{
"type": "WEB",
"url": "https://www.nuget.org/packages/HtmlSanitizer/9.0.892"
},
{
"type": "WEB",
"url": "https://www.nuget.org/packages/HtmlSanitizer/9.1.893-beta"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "HtmlSanitizer has a bypass via template tag"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…