← العودة للجدول
CVE-2026-54570
CVE-2026-54570 — AngleSharp HTML5 Spec Compliance: mXSS via annotation-xml HTML Integration Point
📅 2026-07-18
🟡 Medium 🔥 PoC Only GHSA PoC Research Web CVSS 6.9

📋 الوصف الكامل

### Summary The HTML specification requires that a MathML `` element with `encoding="text/html"` or `encoding="application/xhtml+xml"` is treated as an HTML integration point. Content inside it must be parsed as HTML, not MathML. AngleSharp does not implement this correctly. As a result, the parser produces a DOM tree that differs from what a browser will build (different name

💻 الأنظمة المتأثرة

⚠️ نوع التهديد

PoC Research

🔗 CVE ID

CVE-2026-54570

📡 المصدر

GHSA

✅ الحلول والتخفيف

Refer to CVE-2026-54570 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ← 🔍 Valters IT ←