CVE-2026-47345

NONE

—CVSS v3

—CVSS v2

— EPSS (exploit probability)

CWE-79CWE

Description

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE