CVE-2026-40301
CVSS Score: 4.7 (Medium)
Vulnerability Description
DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize() allows <style> elements in SVG content but never inspects their text content. CSS url() references and @import rules pass through unfiltered, causing the browser to issue HTTP requests to attacker-controlled hosts when the sanitized SVG is rendered. Version 1.0.10 fixes the issue.
CVSS Metrics (Common Vulnerability Scoring System)
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
- Attack Vector: Network (N)
- Attack Complexity: Low (L)
- Privileges Required: None (N)
- User Interaction: Required (R)
- Scope: Changed (C)
- Confidentiality: Low (L)
- Integrity: None (N)
- Availability: None (N)
References & Resources
- https://github.com/rhukster/dom-sanitizer/commit/49a98046b708a4c92f754f5b0ef1720bb85142e2 (security-advisories@github.com)
- https://github.com/rhukster/dom-sanitizer/releases/tag/1.0.10 (security-advisories@github.com)
- https://github.com/rhukster/dom-sanitizer/security/advisories/GHSA-93vf-569f-22cq (security-advisories@github.com)
Severity Details: 4.7 out of 10.0 (Medium)
Weakness Type (CWE)
- CWE-79 (CWE Top 25 #1): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
- Exploit Likelihood: High
- Typical Severity: Medium
- OWASP Top 10: A03:2021-Injection
- Abstraction Level: Base
Key Information
- Published Date: April 17, 2026
