Stored XSS in sanitize-html Defaults via Disallowed `xmp` Tag Bypass
A vulnerability tracked as CVE-2026-44990 allows stored cross-site scripting in sanitize-html when applications use the library’s default configuration and later render sanitized user content as trusted HTML. The flaw affects versions prior to 2.17.4 and stems from the handling of the disallowed xmp element: because htmlparser2 treats xmp as a raw-text tag, attacker-supplied markup inside it is preserved as text during sanitization but can be emitted back as active HTML or JavaScript under the default disallowedTagsMode: 'discard' behavior.
GitHub’s advisory and the upstream patch say the bypass can let payloads such as <script>, img event handlers, and svg-embedded script content survive filtering and execute in a victim’s browser. The fix in 2.17.4 adds xmp to nonTextTags so content inside a disallowed xmp tag is dropped instead of re-emitted, and regression tests were added to confirm the malicious content is removed. The issue was reported by Vincenzo Turturro (sushi-gif), and users of affected sanitize-html deployments, including those in ApostropheCMS, were urged to update immediately.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
CVE-2026-44990 is recorded for sanitize-html vulnerability
CVE-2026-44990 was recorded for the sanitize-html xmp raw-text passthrough flaw affecting versions prior to 2.17.4. The entry notes the issue can cause stored XSS under default settings and identifies 2.17.4 as the fixed version.
GitHub advisory discloses default XSS in sanitize-html
A GitHub security advisory described a sanitizer bypass in sanitize-html 2.17.3 that can lead to stored cross-site scripting under the default configuration. The advisory explained that content inside disallowed xmp tags could be emitted back as active HTML or JavaScript when rendered by browsers.
sanitize-html security patch fixes xmp-based XSS bypass
A security patch was released for sanitize-html to fix an XSS bypass involving disallowed xmp tags. The fix adds xmp to nonTextTags handling so malicious content inside disallowed xmp elements is dropped, and regression tests were added for script, img onerror, and svg/script payloads.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
CVE-2026-44990 - Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
cvefeed.io
Open sourceDefault XSS via `xmp` raw-text passthrough in `sanitize-html` · Advisory · apostrophecms/apostrophe · GitHub
github.com
Open sourceMerge commit from fork · apostrophecms/apostrophe@8d4c882 · GitHub
github.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
TinyMCE patches stored XSS flaws in editor sanitizer and media plugin
TinyMCE has patched multiple cross-site scripting vulnerabilities in its widely deployed rich text editor, including stored and sanitization-related flaws tracked as `CVE-2026-47759`, `CVE-2026-47760`, `CVE-2026-47761`, and `CVE-2026-47762`. The issues could let remote attackers inject malicious JavaScript into web content and compromise active user sessions when affected content is viewed. Reported weaknesses include improper namespace scope handling in the core sanitizer, bypasses involving prefixed attributes and comment handling, and a flaw in the media plugin. The media plugin issue, `CVE-2026-47761`, stems from TinyMCE serializing rich-media elements into placeholder images while preserving raw properties in `data-mce-*` HTML attributes. Because many downstream filters permit arbitrary `data-*` attributes, malicious payloads can survive sanitization, be stored persistently, and later be deserialized into active DOM elements without sufficient validation, triggering script execution in users' browsers. TinyMCE said fixes are available in supported branches and advised customers to upgrade to version `7.9.3` or later or `8.5.1`, while version 5 commercial users may require long-term support updates.
Jun 10, 2026
Stored XSS Vulnerability in Angular via SVG and MathML Bypass
A high-severity vulnerability, tracked as CVE-2025-66412, has been discovered in the Angular framework, allowing stored cross-site scripting (XSS) attacks through SVG animation, SVG URL, and MathML attributes. The flaw exists in the Angular Template Compiler, where the internal security schema fails to properly classify certain URL-holding attributes as requiring strict URL security, enabling attackers to inject malicious scripts that bypass Angular's built-in sanitization. This vulnerability affects Angular versions prior to 21.0.2, 20.3.15, and 19.2.17, and has been addressed in these subsequent releases. Attackers exploiting this vulnerability can persistently inject malicious JavaScript into web applications built with vulnerable Angular versions, potentially compromising user data and session integrity. Organizations using Angular are strongly advised to update to the fixed versions to mitigate the risk of exploitation. The vulnerability is remotely exploitable and has been rated as high severity, with a CVSS 4.0 score of 8.5, underscoring the urgency for prompt remediation.
Mar 21, 2026
Happy DOM Code Injection and Express XSS Sanitizer Bypass Patched
Two high-severity flaws were disclosed in widely used JavaScript ecosystem packages, including a **remote code execution** issue in Happy DOM tracked as `CVE-2026-33943` and an **XSS protection bypass** in Express XSS Sanitizer tracked as `CVE-2026-33979`. In Happy DOM versions `15.10.0` through `20.8.7`, unsanitized names inside `export { }` declarations in the `ECMAScriptModuleCompiler` could be interpolated into generated code and executed, allowing arbitrary JavaScript injection through ES module scripts. The flaw is classified as `CWE-94` and was fixed in version `20.8.8`. Express XSS Sanitizer versions prior to `2.0.2` were found to mishandle restrictive `allowedTags` and `allowedAttributes` settings, causing explicitly empty configurations to be ignored and weakening intended sanitization controls. That behavior could leave applications exposed to cross-site scripting despite developers attempting to enforce strict filtering. The issue is tracked as `CVE-2026-33979`, mapped to `CWE-79` and `CWE-183`, and was corrected in version `2.0.2` by ensuring user-supplied sanitization settings are passed through as intended.
Mar 28, 2026