CVE-2025-29771: HtmlSanitizer vulnerable to XSS when used with contentEditable

CVSS: 1.3

Description

HtmlSanitizer is a client-side HTML sanitizer. Versions prior to 2.0.3 have a cross-site scripting vulnerability when the sanitizer is used with a `contentEditable` element, that is, when the element's `innerHTML` is set to a sanitized string produced by the package. The input must be specifically crafted to abuse the code beautifier, which runs AFTER sanitization. The issue is patched in version 2.0.3.

Classification

CVE ID: CVE-2025-29771

CVSS Base Severity: LOW

CVSS Base Score: 1.3

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U

Problem Types

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected Products

Vendor: jitbit

Product: HtmlSanitizer

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (estimated probability of exploitation in the wild)

EPSS Percentile: 15.8% (proportion of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-04-12 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29771
https://github.com/jitbit/HtmlSanitizer/security/advisories/GHSA-vhv4-fh94-jm5x
https://github.com/jitbit/HtmlSanitizer/commit/af6d2a78877e7277cd01c825b7fb50edb5956963

Timeline