CVE-2023-47125

MEDIUM

TYPO3 html_sanitizer < 1.5.3 - Cross-Site Scripting via DOM Processing Instruction Bypass


Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-47125. PoCs published by nikn0laty.

AI-analyzed exploit summary: The repository provides a functional proof-of-concept for a stored XSS vulnerability in TYPO3 HTML Sanitizer (CVE-2023-47125). The exploit leverages improper handling of DOM processing instructions to bypass XSS protections using a crafted payload (`<?x ><svg/onload=alert()>`).

Description

TYPO3 is an open-source, PHP-based web content management system released under the GNU GPL. In affected versions, DOM processing instructions are not handled correctly. This allows bypassing the cross-site scripting protection of typo3/html-sanitizer. This vulnerability has been addressed in versions 1.5.3 and 2.1.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Exploits (1)

nomisec WORKING POC
by nikn0laty · poc
https://github.com/nikn0laty/TYPO3-HTML-Sanitizer-XSS-CVE-2023-47125

Classification
Working PoC: 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: TYPO3 HTML Sanitizer (versions >= 1.0.0, <= 1.5.2 and >= 2.0.0, <= 2.1.3)
Authentication: No auth needed
Prerequisites: Access to a vulnerable TYPO3 instance with HTML Sanitizer enabled
MITRE ATT&CK: none listed
Analyzed by devstral-2 on Feb 19, 2026

Scores

CVSS v3: 4.7
EPSS: 0.0060
EPSS Percentile: 70.2%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial

Details

CWE: CWE-79
Status: published
Products (4)
typo3/html-sanitizer 1.0.0 - 1.5.3 (Packagist)
typo3/html_sanitizer 1.0.0 - 1.5.3
typo3/typo3 11.3.2 - 11.5.33
typo3/typo3 8.7.42 - 8.7.55
Published: Nov 14, 2023
Tracked Since: Feb 18, 2026