CVE-2021-42575
Improper Input Validation vulnerability in owasp-java-html-sanitizer (Maven)

Improper Input Validation | No known exploit

What is CVE-2021-42575 About?

The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies related to `SELECT`, `STYLE`, and `OPTION` elements. This improper input validation can lead to security bypasses or unintended behavior. Exploitation would likely involve crafting specific HTML input to circumvent sanitization.

Affected Software

com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer <20211018.1

Technical Details

This vulnerability in the OWASP Java HTML Sanitizer arises from insufficient policy enforcement for the SELECT, STYLE, and OPTION HTML elements. The sanitizer is designed to filter potentially malicious content out of HTML input according to a predefined policy. In versions before 20211018.1, however, the policies governing these elements were not correctly applied. An attacker could therefore craft HTML input containing SELECT, STYLE, or OPTION tags with attributes or content that the policy would normally disallow. Because of the improper enforcement, these parts would not be stripped or neutralized, potentially leading to Cross-Site Scripting (XSS), style injection, or other content injection attacks that bypass the intended sanitization controls.

What is the Impact of CVE-2021-42575?

Successful exploitation may allow attackers to inject malicious HTML or scripts into sanitized output, leading to cross-site scripting (XSS), style injection, or other content injection attacks.

What is the Exploitability of CVE-2021-42575?

Exploitation of this Improper Input Validation vulnerability would be of medium complexity. An attacker needs to craft specific HTML input that leverages the inadequate sanitization of SELECT, STYLE, and OPTION elements. No unique authentication or privilege requirements are mentioned; typically, these vulnerabilities are exploited by unauthenticated users submitting malicious content. This is a remote vulnerability, as the input is usually provided via web forms or APIs. The main prerequisite is an application that uses the vulnerable OWASP Java HTML Sanitizer to process untrusted HTML content, where the crafted elements are not properly filtered. Risk factors include platforms allowing user-generated content (e.g., forums, blogs, comments sections) where HTML sanitization is crucial.

What are the Known Public Exploits?

No known exploits

What are the Available Fixes for CVE-2021-42575?

Available Upgrade Options

  • com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer
    • <20211018.1 → Upgrade to 20211018.1
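
To check whether a build still resolves an affected release, this added example (not from the advisory or the sanitizer project) scans `mvn dependency:tree` output for the coordinate above and compares each resolved version with 20211018.1. The sample tree is constructed, and reporting versions that are not in `YYYYMMDD.N` form for manual review is an assumption of this sketch.

```python
import re

GROUP_ARTIFACT = "com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer"
FIXED = (20211018, 1)  # first fixed release named on this page

# dependency:tree prints groupId:artifactId:type[:classifier]:version:scope
COORD = re.compile(re.escape(GROUP_ARTIFACT) + r"(?::[\w.-]+)+")


def classify(version):
    """Return 'vulnerable', 'fixed', or 'review' for one version string."""
    m = re.fullmatch(r"(\d{8})\.(\d+)", version)
    if not m:
        # Assumption: anything not in YYYYMMDD.N form needs a manual look.
        return "review"
    return "vulnerable" if (int(m[1]), int(m[2])) < FIXED else "fixed"


def scan_tree(text):
    """Yield (line number, version, status) for each sanitizer entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = COORD.search(line)
        if not m:
            continue
        parts = m.group(0).split(":")
        if len(parts) < 5:  # need at least type, version and scope
            continue
        version = parts[-2]  # version is always the field before scope
        findings.append((lineno, version, classify(version)))
    return findings


# Constructed sample: concatenated output from a multi-module build.
SAMPLE_TREE = "\n".join([
    "[INFO] com.example:forum-app:jar:1.0.0",
    "[INFO] +- " + GROUP_ARTIFACT + ":jar:20200713.1:compile",
    "[INFO] com.example:comments-lib:jar:2.3.0",
    "[INFO] +- " + GROUP_ARTIFACT + ":jar:20211018.1:compile",
    "[INFO] com.example:legacy-tool:jar:0.9.0",
    "[INFO] \\- " + GROUP_ARTIFACT + ":jar:r239:test",
])

if __name__ == "__main__":
    for lineno, version, status in scan_tree(SAMPLE_TREE):
        print(f"line {lineno}: {version} -> {status}")
```

Transitive dependencies appear in the same coordinate format, so running this over the full tree also catches copies pulled in by other libraries.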

What are Similar Vulnerabilities to CVE-2021-42575?

Similar Vulnerabilities: CVE-2020-11022, CVE-2020-11023, CVE-2019-11358, CVE-2017-9878, CVE-2018-9206