CVE-2026-44990: Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of `sanitize-html` prior to 2.17.4 can turn attacker-controlled content inside a disallowed `xmp` element into live HTML or JavaScript. This is a sanitizer bypass in the default `disallowedTagsMode: 'discard'` path and can lead to stored XSS in applications that render sanitized output back to users. Version 2.17.4 patches the issue.
Metrics
- CVSS v3.1: 9.3
- Severity: CRITICAL
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
A sanitizer-bypass cross-site scripting (XSS) vulnerability affects the sanitize-html library, used by ApostropheCMS and any Node.js application that calls it directly. Attackers can embed JavaScript inside a disallowed `xmp` HTML element; under the default `disallowedTagsMode: 'discard'` configuration, the library strips the tag but passes its raw inner content through as live HTML, allowing injected scripts to execute in a victim's browser. Successful exploitation lets an attacker run arbitrary JavaScript in the context of the targeted user's session, enabling credential theft, account takeover, or malicious actions performed on the user's behalf. HarborGuard tracks this advisory and will make a patched-image rebuild available the moment a fix version is published upstream.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in connected registries and CI pipelines, including custom-built Node.js images that bundle sanitize-html as a transitive dependency. (Status: Available)
HarborGuard scores this finding at CVSS 9.3 (Critical) and weights it against each customer organization's compliance policy to determine breach thresholds and escalation paths, routing alerts to the appropriate team inbox automatically. (Status: Available)
Because no fix version has been published yet, HarborGuard re-evaluates this advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment sanitize-html 2.17.4 or a later fix release appears upstream. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered without manual intervention once a fix is available. (Status: Pending upstream)
Exploit Conditions
- Network reachability: Required
  The attacker must be able to reach the application over the network to submit or inject content containing the malicious `xmp` payload.
- Authentication: Not required
  No account or credentials are needed; any anonymous user who can submit content to the application is a viable attacker.
- Victim interaction: Required
  A legitimate user must visit or load a page that renders the attacker-supplied sanitized output, making this a classic stored-XSS social-engineering or passive-trap scenario.
- Attack complexity
  The bypass triggers reliably and needs no preconditions; no race conditions or special environmental state are required.
Blast Radius
- Reads session cookies, authentication tokens, and any sensitive data visible in the victim's browser context at the time of execution.
- Performs authenticated actions on behalf of the victim, including modifying content, changing account settings, or exfiltrating form data.
- Propagates the malicious payload to additional users by injecting stored content that executes each time any user loads the affected page.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-44990 is active and matches against all images containing sanitize-html below version 2.17.4, including images where the library arrives as a transitive dependency of ApostropheCMS or another Node.js package. Because no upstream fix has been published, HarborGuard monitors the advisory on every ingest cycle. The moment sanitize-html 2.17.4 or a subsequent patch release appears in the upstream registry, a patched-image rebuild becomes available automatically; for customers with auto-remediation enabled, this triggers a full rebuild, a regression-test run, and a PR opened against affected workloads without requiring manual action. In the interim, compensating controls to consider include network-policy isolation of the CMS write path, sanitizing or rejecting raw HTML at the application layer before it reaches sanitize-html, and setting `disallowedTagsMode` to `escape` rather than `discard` in the sanitize-html configuration so that the content of disallowed elements is escaped instead of passed through as raw markup.
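As an added illustration rather than sanitize-html's own code, the following model shows why the default `discard` path described in the Synopsis goes wrong for `xmp` and what the two safe handlings produce, including the `escape` mode named among the compensating controls above. The `<xmp>` matcher and the sample payload are constructed for this example and are not taken from the advisory.

```javascript
// Illustrative model of the xmp raw-text passthrough. This is NOT sanitize-html's
// code; it only reproduces the shape of the bug the advisory describes.
//
// In HTML, <xmp> is a raw-text element: its body is never parsed as markup, so
// "<script>" inside it is literal text. A sanitizer that discards the disallowed
// <xmp> wrapper but re-emits the body verbatim moves that text into a normal
// parsing context, where the browser now treats it as live markup.

// Constructed, minimal matcher for <xmp> elements (case-insensitive). A real
// sanitizer tokenizes the whole document; this model only handles the element
// that matters for the bug and passes everything else through untouched.
const XMP_RE = /<xmp\b[^>]*>([\s\S]*?)<\/xmp\s*>/gi;

function escapeHtml(text) {
  return text
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;');
}

// Vulnerable 'discard' path: wrapper dropped, raw-text body passed through as-is.
function discardPassthrough(html) {
  return html.replace(XMP_RE, (_whole, body) => body);
}

// Corrected 'discard' handling: the body of a discarded raw-text element was
// plain text in the browser's eyes, so it must be emitted as escaped text.
function discardEscapeBody(html) {
  return html.replace(XMP_RE, (_whole, body) => escapeHtml(body));
}

// disallowedTagsMode: 'escape' (the compensating control above): the whole
// disallowed element, tags and body, is HTML-escaped instead of removed.
function escapeMode(html) {
  return html.replace(XMP_RE, (whole) => escapeHtml(whole));
}

// Simple post-sanitization check: did a <script> tag survive into the output?
function containsLiveScript(output) {
  return /<script\b/i.test(output);
}

// Constructed sample: allowed content followed by an xmp-wrapped script.
const SAMPLE = '<p>hello</p><xmp><script>alert(1)</script></xmp>';

console.log(discardPassthrough(SAMPLE)); // <p>hello</p><script>alert(1)</script>
console.log(discardEscapeBody(SAMPLE));  // <p>hello</p>&lt;script&gt;alert(1)&lt;/script&gt;
console.log(escapeMode(SAMPLE));         // <p>hello</p>&lt;xmp&gt;&lt;script&gt;alert(1)&lt;/script&gt;&lt;/xmp&gt;
```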
Affected Products
- apostrophecms / sanitize-html: < 2.17.4
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N