CVE-2021-38193

Vulnerability

The ammonia crate for Rust before version 3.1.0 (also patched in 2.1.3 for the 2.x line) mishandles namespace-related parsing differences between HTML, SVG, and MathML. Even when the svg and math elements are not in the allowed tags list, the underlying html5ever parser still treats content inside those elements according to the foreign namespace rules. This can produce an "impossible" DOM that appears safe when examined by ammonia but serializes to an HTML string that browsers interpret differently, leading to XSS. The issue is similar to CVE-2020-26870 [1][2][3][4].

Exploitation

An attacker must be able to supply HTML that is sanitized by ammonia, and the application must allow at least one tag that is parsed as raw text in HTML (e.g., title, textarea, xmp, iframe, noembed, noframes, plaintext, noscript, style, or script). For example, if iframe is allowed, the attacker can inject <a title="">test. Ammonia removes the svg element but keeps the iframe and its content, losing namespace context. When a browser reparses the sanitized output, the attribute value is misinterpreted, allowing the injected `` tag to execute attacker-controlled JavaScript [4].

Impact

Successful exploitation results in Cross-Site Scripting (XSS) in the context of the web page using the vulnerable ammonia version. The attacker can execute arbitrary JavaScript, potentially stealing cookies, session tokens, or performing actions on behalf of the user [1][3][4].

Mitigation

Users should upgrade ammonia to version 3.1.0 or later (or 2.1.3 or later for the 2.x branch). The fix checks for unexpected namespace switches after cleanup and removes elements that change namespace at an unexpected point [3][4]. No workaround is available other than removing any raw text tags from the allowed list or not using the library until patched. As of August 2021, the issue is fixed and the CVE is not listed in CISA's Known Exploited Vulnerabilities Catalog.