CVE-2026-47345EPSS p28.3%

CVE-2026-47345CVE-2026-47345

Description

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2.

Scoring

EPSS0.37% probability of exploitation · percentile 28.3% · 2026-06-19T12:03:05Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-47344
CVE
CVE-2026-47348
CVE
CVE-2026-47347
CVE
CVE-2026-47351
CVE
CVE-2026-47343
CVE
CVE-2026-48865
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.