CVE-2021-26540
Summary
| CVE | CVE-2021-26540 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-02-08 17:15:00 UTC |
| Updated | 2021-04-01 15:02:00 UTC |
| Description | Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" option is set to true, which allows attackers to bypass the hostname whitelist for the iframe element, related to using an src value that starts with "/\\example.com". |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apostrophecms | Sanitize-html | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| new and interesting iframe validation exploits by boutell · Pull Request #460 · apostrophecms/sanitize-html · GitHub | MISC | github.com | Patch, Third Party Advisory |
| sanitize-html/CHANGELOG.md at main · apostrophecms/sanitize-html · GitHub | MISC | github.com | Release Notes, Third Party Advisory |
| advisory.checkmarx.net/advisory/CX-2021-4309 | MISC | advisory.checkmarx.net | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 982673 Nodejs (npm) Security Update for sanitize-html (GHSA-mjxr-4v3x-q3m4)