CVE-2026-47344: TYPO3 HTML Sanitizer XSS Vulnerability

CVE-2026-47344 is a cross-site scripting flaw in TYPO3 HTML Sanitizer that allows attackers to bypass sanitization using whitespace-variant closing tags. This article covers technical details, affected versions, and mitigation.

Published: June 12, 2026

CVE-2026-47344 Overview

CVE-2026-47344 is a cross-site scripting (XSS) sanitizer bypass affecting the typo3/html-sanitizer library before version 2.3.2. When the ALLOW_INSECURE_RAW_TEXT configuration option is enabled, the sanitizer fails to recognize whitespace-variant closing tags such as </style\t>. Browsers, however, accept these tags as valid end tags per HTML5 specification § 8.2.6.1. This mismatch lets attacker-supplied content escape the raw-text context and reach the rendered DOM as executable markup. The flaw is tracked as CWE-79 (Improper Neutralization of Input During Web Page Generation).

Critical Impact

An attacker who can submit HTML content processed by the sanitizer with ALLOW_INSECURE_RAW_TEXT enabled can inject script content that bypasses sanitization and executes in a victim's browser session.

Affected Products

  • typo3/html-sanitizer versions prior to 2.3.2
  • TYPO3 CMS installations that consume html-sanitizer with ALLOW_INSECURE_RAW_TEXT enabled
  • Downstream PHP applications depending on the vulnerable Masterminds\HTML5 tokenizer behavior through typo3/html-sanitizer

Discovery Timeline

  • 2026-06-08 - CVE-2026-47344 published to NVD
  • 2026-06-09 - Last updated in NVD database

Technical Details for CVE-2026-47344

Vulnerability Analysis

The typo3/html-sanitizer library uses the Masterminds\HTML5 parser to tokenize and clean untrusted HTML. The HTML5 specification defines raw-text elements such as <style> and <script> whose contents are not parsed as markup until a matching end tag is encountered. Per § 8.2.6.1, the end tag may include trailing whitespace characters such as tab (\t), newline, or form feed before the closing >.

The vulnerable rawText() tokenizer method only recognized the canonical closing tag form. Attacker-supplied input containing </style\t> or similar whitespace variants passed through the raw-text scanner unchanged. Browsers parsing the resulting HTML correctly treat the whitespace-variant tag as a valid end tag, terminating the raw-text context. Any markup following the bypassed tag is then parsed as ordinary HTML, including <script> blocks or event handler attributes.

Root Cause

The defect resides in the rawText() method of the upstream Masterminds tokenizer, which did not implement HTML5 § 8.2.6.1 whitespace handling for raw-text end tags. The existing rcdata() method already handled whitespace variants correctly; rawText() did not, leaving a parser differential between the sanitizer's view of the input and the browser's view. This parser confusion is the underlying cause of the XSS filter bypass.
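To make the parser differential concrete, the following added example (not code from the html-sanitizer project or the Masterminds parser) models the two raw-text scanners in Python: a naive one that only stops at the canonical closing tag, as the pre-fix rawText() did, and a spec-style one that also accepts trailing whitespace before the closing >. The function names and sample inputs are constructed for illustration.

```python
import re
from typing import Optional

# Constructed example: two models of how a raw-text element's end is found.
# Only <style> and <script> are handled here, the two elements the page names.
RAW_TEXT_OPEN = re.compile(r"<(style|script)\b[^>]*>", re.IGNORECASE)

def raw_text_end_naive(html: str, tag: str, start: int) -> Optional[int]:
    """Pre-fix behaviour (simplified model): only the canonical '</tag>'
    terminates the raw-text run, so '</tag\t>' is treated as raw text."""
    idx = html.lower().find(f"</{tag}>", start)
    return None if idx == -1 else idx

def raw_text_end_spec(html: str, tag: str, start: int) -> Optional[int]:
    """HTML5 behaviour: '</tag' followed by optional whitespace (tab, LF, FF,
    CR, space) and then '>' is a valid end tag."""
    pattern = re.compile(rf"</{tag}[\t\n\f\r ]*>", re.IGNORECASE)
    m = pattern.search(html, start)
    return None if m is None else m.start()

def parser_differential(html: str) -> dict:
    """Locate the first raw-text element and report where each model ends it.
    'differs' is True exactly when the sanitizer's model keeps content inside
    the raw-text run that a browser would already parse as markup."""
    m = RAW_TEXT_OPEN.search(html)
    if m is None:
        return {"tag": None, "naive_end": None, "spec_end": None, "differs": False}
    tag, body_start = m.group(1).lower(), m.end()
    naive = raw_text_end_naive(html, tag, body_start)
    spec = raw_text_end_spec(html, tag, body_start)
    return {"tag": tag, "naive_end": naive, "spec_end": spec,
            "differs": naive != spec}

# Constructed inputs: a canonical end tag, and a tab-variant end tag followed
# by markup that the naive model wrongly keeps inside the raw-text run.
CANONICAL = "<style>p{}</style><em>text</em>"
TAB_VARIANT = "<style>p{}</style\t><em>text</em></style>"

if __name__ == "__main__":
    for sample in (CANONICAL, TAB_VARIANT):
        print(repr(sample), parser_differential(sample))
```

For TAB_VARIANT the naive model only ends the style element at the final canonical tag, while the spec model ends it at the tab variant, so the <em> markup in between is exactly the content the two parsers disagree about.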

Attack Vector

An authenticated user with permission to submit HTML content processed by html-sanitizer with ALLOW_INSECURE_RAW_TEXT enabled crafts a payload that opens a raw-text element, closes it using a whitespace-variant end tag, then includes injected script content. User interaction is required to render the malicious page in a victim's browser.

Patch excerpt from src/Parser/Tokenizer.php:

```php
<?php

declare(strict_types=1);

namespace TYPO3\HtmlSanitizer\Parser;

use Masterminds\HTML5\Elements;
use Masterminds\HTML5\Parser\Tokenizer as MastermindsTokenizer;

/**
 * Extends the Masterminds tokenizer to fix rawText() so that it recognises
 * whitespace-variant closing tags (e.g. </style\t>) as valid end tags per
 * HTML5 spec § 8.2.6.1, aligning it with the existing rcdata() behaviour.
 */
class Tokenizer extends MastermindsTokenizer
{
    #[\Override]
    protected function rawText($tok): bool
    {
        if ($this->untilTag === null) {
            // ... fixed handling continues
```

Source: TYPO3 html-sanitizer commit bd1a88d

Detection Methods for CVE-2026-47344

Indicators of Compromise

  • HTML content submitted to TYPO3 backends containing closing tags with embedded whitespace such as </style\t>, </style\n>, </textarea\t>, or </script\t>
  • Stored content fields where raw-text elements are followed by markup that should have been escaped, including <script> tags or on*= event handler attributes
  • Web server access logs showing POST requests to TYPO3 content endpoints with bodies containing tab or newline characters immediately before > inside end tags

Detection Strategies

  • Inspect content stored through TYPO3 rich-text fields for whitespace-variant end tags using regular expressions such as </(style|script|textarea|title|xmp|iframe|noembed|noframes|noscript)\s+>
  • Compare installed typo3/html-sanitizer versions across deployments against the fixed release 2.3.2 using composer audit tooling
  • Identify TYPO3 configurations where ALLOW_INSECURE_RAW_TEXT is enabled, since the flaw is only reachable under that setting
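As an added detection example (not part of this advisory page or the TYPO3 project), the following Python applies the regular expression from the first strategy above to stored content records, reporting the tag and the exact whitespace code points found before the >. The record ids and their contents are constructed samples standing in for TYPO3 rich-text field values.

```python
import re

# Raw-text and escapable-raw-text elements named in the detection regex above.
RAW_TEXT_TAGS = "style|script|textarea|title|xmp|iframe|noembed|noframes|noscript"

# Whitespace-variant end tag: '</tag' followed by at least one HTML whitespace
# character (tab, LF, FF, CR, space) before '>'. The canonical '</tag>' does
# not match, so ordinary content produces no findings.
VARIANT_END_TAG = re.compile(rf"</({RAW_TEXT_TAGS})([\t\n\f\r ]+)>", re.IGNORECASE)

def find_variant_end_tags(html: str) -> list:
    """Return one finding per whitespace-variant end tag in the given HTML."""
    findings = []
    for m in VARIANT_END_TAG.finditer(html):
        findings.append({
            "tag": m.group(1).lower(),
            "whitespace": [f"U+{ord(c):04X}" for c in m.group(2)],
            "offset": m.start(),
        })
    return findings

def scan_records(records: dict) -> dict:
    """Scan a mapping of record id -> stored HTML; keep only records with hits."""
    return {rid: hits for rid, html in records.items()
            if (hits := find_variant_end_tags(html))}

# Constructed sample records (ids and contents are made up for this example).
SAMPLE_RECORDS = {
    "tt_content:101": "<p>Hello</p><style>p{color:red}</style>",
    "tt_content:102": "<style>.x{}</style\t><em>now parsed as markup</em>",
    "tt_content:103": "<textarea>note</TEXTAREA\n></textarea>",
}

if __name__ == "__main__":
    for rid, hits in scan_records(SAMPLE_RECORDS).items():
        print(rid, hits)
```

Records flagged this way should be re-sanitized with the fixed library rather than edited by hand, since the scan reports the bypass pattern but not everything the browser would parse after it.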

Monitoring Recommendations

  • Log and review TYPO3 editor submissions that contain <style>, <script>, or other raw-text elements followed by additional markup
  • Enable Content Security Policy (CSP) reporting and alert on script-src violations originating from sanitized content rendering paths
  • Track outbound JavaScript execution from pages that render user-submitted HTML, including unusual fetch() or XMLHttpRequest calls to attacker-controlled domains

How to Mitigate CVE-2026-47344

Immediate Actions Required

  • Upgrade typo3/html-sanitizer to version 2.3.2 or later using composer update typo3/html-sanitizer
  • Audit application configuration and disable ALLOW_INSECURE_RAW_TEXT unless an explicit, reviewed requirement exists
  • Review historical user-submitted content for whitespace-variant end-tag payloads and re-sanitize affected records after upgrading

Patch Information

The fix is delivered in typo3/html-sanitizer 2.3.2 via commit bd1a88d9b5a5f67f1120ec41084e9c1a0675641c. The patch introduces a local Tokenizer subclass that overrides rawText() to recognize whitespace-variant end tags, and an Html5 parser subclass that substitutes the corrected tokenizer. Further detail is available in the TYPO3 Security Advisory TYPO3-CORE-SA-2026-006.

Workarounds

  • Disable the ALLOW_INSECURE_RAW_TEXT behavior flag in the sanitizer configuration, which fully removes the vulnerable code path
  • Apply a strict Content Security Policy that forbids inline scripts and restricts script-src to trusted hashes or nonces, reducing impact if a bypass occurs
  • Restrict HTML submission permissions to trusted editor roles until the library is upgraded

```bash
# Upgrade the affected library to the fixed release
composer require typo3/html-sanitizer:^2.3.2
composer audit

# Verify the installed version
composer show typo3/html-sanitizer | grep versions
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Vulnerability Details

  • Type: XSS
  • Vendor/Tech: TYPO3
  • Severity: LOW
  • CVSS Score: 2.1
  • EPSS Probability: 0.05%
  • Known Exploited: No
  • CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Assessment

  • Confidentiality: Low
  • Integrity: None
  • Availability: None

CWE References

  • CWE-79

Technical References

  • GitHub Commit Reference
  • TYPO3 Security Advisory

Related CVEs

  • CVE-2026-47345: typo3/html-sanitizer XSS Vulnerability
  • CVE-2023-24814: TYPO3 CMS Cross-Site Scripting Vulnerability
  • CVE-2026-49741: TYPO3 CMS Auth Bypass Vulnerability
  • CVE-2026-49738: TYPO3 CMS Path Traversal Vulnerability