CVE-2026-47345 Overview
CVE-2026-47345 affects the typo3/html-sanitizer package used by TYPO3 to neutralize untrusted HTML before rendering. The library fails to correctly encode namespace attributes during HTML serialization. Attackers can craft markup whose namespaced attributes survive sanitization and reach the browser intact. This bypass undermines the sanitizer's cross-site scripting (XSS) prevention guarantees [CWE-79]. Versions of typo3/html-sanitizer prior to 2.3.2 are affected. The flaw is published in TYPO3 security advisory TYPO3-CORE-SA-2026-006.
Critical Impact
Attackers with authoring privileges can inject script payloads into rendered TYPO3 pages, enabling XSS against visitors and authenticated editors.
Affected Products
- typo3/html-sanitizer versions prior to 2.3.2
- TYPO3 CMS installations consuming the vulnerable sanitizer library
- Third-party TYPO3 extensions relying on typo3/html-sanitizer for HTML output filtering
Discovery Timeline
- 2026-06-08 - CVE-2026-47345 published to NVD
- 2026-06-09 - Last updated in NVD database
Technical Details for CVE-2026-47345
Vulnerability Analysis
The typo3/html-sanitizer library parses untrusted HTML, applies an allow-list policy, and serializes the resulting Document Object Model (DOM) back to a string. During serialization, namespace attributes (for example, attributes carrying an xmlns prefix or attributes scoped to XML namespaces) are written to the output without being subjected to the same character encoding that standard HTML attributes receive.
Because these attribute values are emitted unencoded, characters such as quotation marks and angle brackets can terminate the attribute context. The resulting output reintroduces markup that the sanitizer's allow-list policy was supposed to remove. An attacker who can submit rich-text content through a TYPO3 editor, comment field, or any other input that routes through the sanitizer can place executable JavaScript into pages rendered to other users.
The vulnerability is categorized as Cross-Site Scripting (XSS) per [CWE-79]. Exploitation requires low privileges on the application and some user interaction, consistent with stored or reflected XSS scenarios in content management workflows.
Root Cause
The sanitizer's serializer applies attribute encoding rules that overlook namespace-qualified attributes. The fix in commit 8b5d0be44ded457ca993ec9ca93d859941c63764 normalizes the serialization path so namespace attributes are encoded consistently with all other attribute values.
Attack Vector
Exploitation occurs over the network. An attacker submits crafted HTML containing namespace attributes whose values carry XSS payloads. The sanitizer's DOM model accepts the input, but serialization emits the attribute value verbatim. When the rendered page reaches a victim's browser, the injected script executes in the TYPO3 site's origin, enabling session theft, content modification, or actions taken on behalf of the victim.
No verified public proof-of-concept is available. Refer to the TYPO3 Security Advisory and the upstream patch commit for technical specifics of the serialization fix.
Detection Methods for CVE-2026-47345
Indicators of Compromise
- HTML content stored in TYPO3 records containing namespace prefixes such as xmlns: paired with quote characters or angle brackets in attribute values.
- Outbound responses from TYPO3 endpoints that include unencoded <, >, or " characters inside namespace attribute values.
- Editor or frontend user sessions submitting rich-text payloads that include uncommon XML namespace declarations.
Detection Strategies
- Inspect rendered TYPO3 pages for namespace attributes that contain script-related tokens such as javascript:, onerror=, or <script.
- Audit installed Composer packages and flag any environment where typo3/html-sanitizer resolves to a version below 2.3.2.
- Review web application firewall (WAF) logs for POST bodies containing xmlns: declarations combined with HTML control characters.
Monitoring Recommendations
- Enable Content Security Policy (CSP) report-only mode on TYPO3 sites and monitor violation reports for inline script execution.
- Track changes to TYPO3 content records by privileged editors and correlate against unusual HTML structures.
- Alert on browser-side JavaScript errors originating from TYPO3-rendered pages, which can indicate failed or partial injection attempts.
How to Mitigate CVE-2026-47345
Immediate Actions Required
- Upgrade typo3/html-sanitizer to version 2.3.2 or later using Composer.
- Apply the corresponding TYPO3 core update referenced in advisory TYPO3-CORE-SA-2026-006.
- Review and re-sanitize stored rich-text content created before the patch was applied.
- Restrict rich-text editing permissions to trusted backend users until the upgrade is complete.
Patch Information
The upstream fix is delivered in commit 8b5d0be44ded457ca993ec9ca93d859941c63764 and released in typo3/html-sanitizer2.3.2. See the GitHub patch commit and the TYPO3 Security Advisory for full details.
Workarounds
- Deploy a strict Content Security Policy that disallows inline scripts and untrusted script sources.
- Configure WAF rules to block request bodies containing xmlns: prefixed attributes paired with HTML metacharacters.
- Temporarily disable HTML input fields or restrict them to plain text on internet-facing TYPO3 instances until patched.
# Configuration example
composer require typo3/html-sanitizer:^2.3.2
composer update typo3/html-sanitizer
php vendor/bin/typo3 cache:flush
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
