CVE-2024-21501

moderate-risk

Published 2024-02-24

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.

Do I need to act?

1.8% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.3/10 Medium

NETWORK / LOW complexity

Affected Products (3)

Sanitize-Html

Fedora

Affected Vendors

Fedoraproject Apostrophecms

References (16)

Exploit https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf

Issue Tracking https://github.com/apostrophecms/apostrophe/discussions/4436

Patch https://github.com/apostrophecms/sanitize-html/commit/c5dbdf77fe8b836d3bf4554ea3...

Patch https://github.com/apostrophecms/sanitize-html/pull/650

Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproje...

Exploit https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6276557

Exploit https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334

Exploit https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf

Issue Tracking https://github.com/apostrophecms/apostrophe/discussions/4436

Patch https://github.com/apostrophecms/sanitize-html/commit/c5dbdf77fe8b836d3bf4554ea3...

Patch https://github.com/apostrophecms/sanitize-html/pull/650

Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproje...

Exploit https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6276557

Exploit https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334

/ 100

moderate-risk

Severity 21/34 · High

Exploitability 5/34 · Minimal

Exposure 9/34 · Low