CVE-2026-25543
February 04, 2026
HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. Prior to versions 9.0.892 and 9.1.893-beta, if the template tag is allowed, its contents are not sanitized. The template tag is a special tag that does not usually render its contents, unless the shadowrootmode attribute is set to open or closed. This issue has been patched in versions 9.0.892 and 9.1.893-beta.
Affected Packages
https://github.com/mganss/HtmlSanitizer.git (GITHUB):
Affected version(s) >=v2.0 <v9.0.892Fix Suggestion:
Update to version v9.0.892htmlsanitizer (NUGET):
Affected version(s) >=9.1.878-beta <9.1.893-betaFix Suggestion:
Update to version 9.1.893-betahtmlsanitizer (NUGET):
Affected version(s) >=1.0.4925.29815 <9.0.892Fix Suggestion:
Update to version 9.0.892Related Resources (8)
Do you need more information?
Contact UsCVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
PRESENT
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE
Weakness Type (CWE)
EPSS
Base Score:
0.01
