JLSEC-2025-39

Possible XSS in HTMLSanitizer when using svg elements

JLSEC Published
Modified
Affected Packages
HTMLSanitizer < 0.2.1

Description

When the style tag is added to the whitelist, content inside the tag is incorrectly unescaped, and closing tags injected as content are interpreted as real HTML, enabling tag injection and JavaScript execution.

This behavior is similar to the sanitization bypass described in CVE-2020-4054 (Sanitize for Ruby).

using HTMLSanitizer

# Entity-encoded closing tag and img element placed inside a style element wrapped in svg
user_input = "<svg><style>&lt;/style>&lt;img src onerror=alert(1)>"

# Allow style in addition to the default whitelist (deepcopy is in Julia's Base, no import needed)
whitelist = deepcopy(HTMLSanitizer.WHITELIST)
append!(whitelist[:elements], ["style"])
result = sanitize(user_input, whitelist=whitelist)
# The decoded text of the style element is written back unescaped, so the injected tag becomes live markup
print(result) # <style></style><img src onerror=alert(1)></style>

Impact

Possible XSS in any HTML that is sanitized with this library.

Patches

Users should upgrade to v0.2.1 as soon as possible. In this version, svg and math tags are removed by default.
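As an added illustration (not HTMLSanitizer.jl's code), the following Python model shows the mechanism described above and the effect of the v0.2.1 fix: inside svg the style element's text is entity-decoded by the parser, and a serializer that treats style as an HTML raw-text element then writes that text back unescaped. The tree literal, the element sets and the `</` guard in the fixed serializer are constructed assumptions for this example.

```python
import html

# Constructed model of the bug class in JLSEC-2025-39; not HTMLSanitizer.jl's code.
# Tree nodes are (tag, children); children are nested nodes or text strings.
# This is the tree an HTML5 parser builds for the advisory's input
# "<svg><style>&lt;/style>&lt;img src onerror=alert(1)>": inside <svg> (foreign
# content) <style> is an ordinary element, so the character references in its
# text are decoded to real angle brackets.
PARSED_INPUT = ("svg", [("style", ["</style><img src onerror=alert(1)>"])])

# In the HTML namespace these elements hold raw text that a serializer emits verbatim.
RAW_TEXT_ELEMENTS = {"style", "script"}


def serialize_vulnerable(node, allowed):
    """Whitelist sanitizer as described in the advisory: a non-whitelisted element is
    unwrapped (its children survive) and raw-text content is written unescaped.
    The decoded text therefore becomes live markup when a browser re-parses it."""
    tag, children = node
    body = "".join(
        (c if tag in RAW_TEXT_ELEMENTS else html.escape(c, quote=False))
        if isinstance(c, str) else serialize_vulnerable(c, allowed)
        for c in children
    )
    return f"<{tag}>{body}</{tag}>" if tag in allowed else body


def serialize_fixed(node, allowed, removed=frozenset({"svg", "math"})):
    """Behaviour of the v0.2.1 fix: svg and math are removed together with their whole
    subtree, so foreign-content parsing can no longer feed an HTML raw-text element.
    The `</` guard is an extra defence-in-depth check assumed for this example (not
    part of the patch): raw text that could terminate its own element is dropped."""
    tag, children = node
    if tag in removed:
        return ""
    parts = []
    for c in children:
        if isinstance(c, str):
            if tag in RAW_TEXT_ELEMENTS:
                if "</" in c:
                    return ""  # refuse raw text containing an end-tag opener
                parts.append(c)
            else:
                parts.append(html.escape(c, quote=False))
        else:
            parts.append(serialize_fixed(c, allowed, removed))
    body = "".join(parts)
    return f"<{tag}>{body}</{tag}>" if tag in allowed else body
```

Running the vulnerable serializer on the modelled tree reproduces the advisory's output byte for byte, while the fixed serializer drops the svg subtree and still passes ordinary style content through.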

Workarounds

Add the math and svg elements to the removed_elements list of your whitelist manually, e.g.

whitelist = deepcopy(HTMLSanitizer.WHITELIST)
append!(whitelist[:removed_elements], ["math", "svg"])

and pass this modified whitelist to sanitize:

sanitize(user_input, whitelist=whitelist)

References

PR for fix

Credits

Thanks to Chen T for finding and reporting this issue.