CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS
Percentile: 47.1%
Sanitize is an allowlist-based HTML and CSS sanitizer. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML and CSS through Sanitize starting with version 3.0.0 and prior to version 6.0.2 when Sanitize is configured to use the built-in “relaxed” config or when using a custom config that allows style elements and one or more CSS at-rules. This could result in cross-site scripting or other undesired behavior when the malicious HTML and CSS are rendered in a browser.

Sanitize 6.0.2 performs additional escaping of CSS in style element content, which fixes this issue. Users who are unable to upgrade can prevent this issue by using a Sanitize config that doesn’t allow style elements, using a Sanitize config that doesn’t allow CSS at-rules, or by manually escaping the character sequence `</` as `<\/` in style element content.
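The manual workaround described above, as an added Ruby example that is not code from the Sanitize project or the advisory: it applies the `</` to `<\/` escape to the text content of a style element (the same operation a custom transformer would perform on a style node before serialization), checks whether unescaped content would end the element early, and models how a CSS parser reads the escape back. The function names and the sample CSS are constructed for this example.

```ruby
# Added example, not code from the Sanitize project. Models the manual
# workaround from the advisory: escaping "</" as "<\/" in the text content
# of a style element before it is serialized back into HTML.

# An HTML tokenizer ends a <style> element's raw text at the first "</style"
# (case-insensitive). Anything after it in the CSS string is parsed as markup,
# which is how sanitized CSS could carry HTML out of the element.
def style_content_closes_early?(css)
  css.downcase.include?('</style')
end

# Escape every "</" so no "</style" can appear in the raw text. The block form
# of gsub inserts the replacement literally (no backslash interpretation).
def escape_style_content(css)
  css.gsub('</') { '<\\/' }
end

# Simplified model of how a CSS parser reads backslash escapes: a backslash
# followed by a non-hex, non-newline character stands for that character, so
# "\/" is read back as "/" and the stylesheet keeps its original meaning.
def css_unescape(css)
  css.gsub(/\\([^0-9a-fA-F\n])/) { Regexp.last_match(1) }
end

# Constructed sample: legitimate CSS that contains "</" inside a string,
# followed by a stray closing tag inside the at-rule body.
SAMPLE_CSS = '@media print { a::after { content: "</" } } </style><b>not css</b>'

if __FILE__ == $PROGRAM_NAME
  escaped = escape_style_content(SAMPLE_CSS)
  puts "closes early before escape: #{style_content_closes_early?(SAMPLE_CSS)}"
  puts "closes early after escape:  #{style_content_closes_early?(escaped)}"
  puts "CSS meaning preserved:      #{css_unescape(escaped) == SAMPLE_CSS}"
end
```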
| OS | OS Version | Architecture | Package | Affected Package Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | ruby-sanitize | < 4.6.6-2.1~0.20.04.2 | UNKNOWN |
| ubuntu | 22.04 | noarch | ruby-sanitize | < 6.0.0-1ubuntu0.1 | UNKNOWN |
| ubuntu | 23.10 | noarch | ruby-sanitize | < 6.0.0-1.1ubuntu0.23.10.1 | UNKNOWN |
References
github.com/rgrove/sanitize/commit/76ed46e6dc70820f38efe27de8dabd54dddb5220 (v6.0.2)
github.com/rgrove/sanitize/releases/tag/v6.0.2
github.com/rgrove/sanitize/security/advisories/GHSA-f5ww-cq3m-q3g7
launchpad.net/bugs/cve/CVE-2023-36823
nvd.nist.gov/vuln/detail/CVE-2023-36823
security-tracker.debian.org/tracker/CVE-2023-36823
ubuntu.com/security/notices/USN-6748-1
www.cve.org/CVERecord?id=CVE-2023-36823