Access Restriction Bypass

Affecting sanitize-html package, versions <2.3.1

Overview

sanitize-html is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis.

Affected versions of this package are vulnerable to Access Restriction Bypass. Internationalized domain names (IDNs) are not properly handled, which allows attackers to bypass the hostname whitelist validation set by the allowedIframeHostnames option.

Remediation

Upgrade sanitize-html to version 2.3.1 or higher.
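
One way to check a project against the affected range, as an added example that is not part of the original advisory or of sanitize-html: it scans a parsed package-lock.json for resolved copies of sanitize-html below 2.3.1, including nested ones pulled in by other packages. The sample lockfile, the cms-widget package and the helper names are constructed for illustration.

```javascript
// Added example. The 2.3.1 threshold is from the advisory; helper names are hypothetical.
const FIXED = [2, 3, 1];

// Split "major.minor.patch[-prerelease]" into numbers plus a prerelease flag.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(v));
  return m ? { parts: [+m[1], +m[2], +m[3]], pre: Boolean(m[4]) } : null;
}

// True when the version is below 2.3.1. A 2.3.1 prerelease sorts below 2.3.1,
// and an unparseable entry (git URL, link) is flagged for manual review.
function isAffected(version) {
  const p = parseVersion(version);
  if (!p) return true;
  for (let i = 0; i < 3; i++) {
    if (p.parts[i] !== FIXED[i]) return p.parts[i] < FIXED[i];
  }
  return p.pre;
}

// List every resolved copy of sanitize-html, direct or nested, that is affected.
function findAffected(lock) {
  const hits = [];
  if (lock.packages) { // lockfileVersion 2 and 3: flat map keyed by install path
    for (const [path, meta] of Object.entries(lock.packages)) {
      const isTarget = path.endsWith('node_modules/sanitize-html');
      if (isTarget && isAffected(meta.version)) hits.push({ path, version: meta.version });
    }
    return hits;
  }
  const walk = (deps, prefix) => { // lockfileVersion 1: nested "dependencies" tree
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === 'sanitize-html' && isAffected(meta.version)) hits.push({ path, version: meta.version });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile; "cms-widget" is a made-up dependent package.
const sampleLock = {
  packages: {
    'node_modules/sanitize-html': { version: '2.3.1' },
    'node_modules/cms-widget/node_modules/sanitize-html': { version: '1.27.5' },
  },
};
console.log(findAffected(sampleLock));
```

To scan a real project, pass it the result of `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`.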

CVSS Score

6.5 (medium severity)

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: Low
  • Integrity: Low
  • Availability: None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Credit: Ron Masas, Checkmarx
CVE: CVE-2021-26539
CWE: CWE-20
Snyk ID: SNYK-JS-SANITIZEHTML-1070786
Disclosed: 09 Feb, 2021
Published: 09 Feb, 2021