AntiSamy malicious input can provoke XSS when preserving comments
Description
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the preserveComments directive must be enabled in your policy file. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. Patched in AntiSamy 1.7.5 and later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
AntiSamy <1.7.5 has an mXSS vulnerability due to flawed HTML parsing when preserveComments is enabled, allowing comment-injected content to be interpreted as executable code.
Root Cause
AntiSamy is a library for configurable cleansing of untrusted HTML [1]. Prior to version 1.7.5, it is vulnerable to a mutation XSS (mXSS) attack caused by incorrect parsing of HTML content during sanitization [2]. The flaw is only exploitable when the preserveComments directive is enabled in the AntiSamy policy file [2]. Specifically, certain crafted inputs can cause elements placed inside HTML comment tags to be improperly extracted and later interpreted as executable code when the sanitized output is rendered by a browser [2].
Exploitation
An attacker can exploit this vulnerability by submitting specially crafted HTML containing hidden executable content within comment tags that AntiSamy would normally be expected to strip or neutralize. The attack does not require any network position beyond that needed to reach the input being sanitized, and it can be delivered through any vector where user-controlled HTML is processed by AntiSamy, such as comment fields or profile descriptions [1][2]. Authentication is not necessarily required if the application accepts untrusted input from anonymous users.
Impact
Successful exploitation enables an attacker to execute arbitrary JavaScript in the context of the targeted user's browser session when they view the sanitized HTML. This can lead to theft of session tokens, credential harvesting, or other client-side attacks [2]. The impact is limited to applications that have enabled preserveComments, but when present, the vulnerability bypasses the intended security protections that AntiSamy provides [2].
Mitigation
The vulnerability is patched in AntiSamy version 1.7.5 and later [2][3]. Users should upgrade to the latest release immediately. For those who cannot upgrade, disabling the preserveComments directive in the policy file will prevent exploitation of this specific issue [2].
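A configuration check for the two exposure conditions this advisory names (an antisamy artifact older than 1.7.5 and preserveComments enabled in the policy file), as an added example that is not from the advisory or the AntiSamy project; the pom.xml fragment and policy file are constructed samples in the real formats, and the version parsing is a simplified Maven-style comparison.

```python
import re
import xml.etree.ElementTree as ET

PATCHED = (1, 7, 5)  # first fixed release per the advisory
# Constructed pom.xml fragment (not the project's real pom) pinning a vulnerable version.
SAMPLE_POM = """<project>
  <dependencies>
    <dependency>
      <groupId>org.owasp.antisamy</groupId>
      <artifactId>antisamy</artifactId>
      <version>1.7.4</version>
    </dependency>
  </dependencies>
</project>"""
# Constructed policy file in AntiSamy's policy format with the risky directive enabled.
SAMPLE_POLICY = """<anti-samy-rules>
  <directives>
    <directive name="omitXmlDeclaration" value="true"/>
    <directive name="preserveComments" value="true"/>
  </directives>
</anti-samy-rules>"""

def parse_version(text):
    """'1.7.4' -> (1, 7, 4, True); a -SNAPSHOT of a release sorts before that release."""
    base, _, qualifier = text.partition("-")
    nums = tuple(int(p) for p in re.findall(r"\d+", base))
    return nums + (qualifier.upper() != "SNAPSHOT",)

def antisamy_version(pom_xml):
    """Return the declared org.owasp.antisamy:antisamy version, or None if absent."""
    for dep in ET.fromstring(pom_xml).iter("dependency"):
        if (dep.findtext("groupId") == "org.owasp.antisamy"
                and dep.findtext("artifactId") == "antisamy"):
            return dep.findtext("version")
    return None

def preserve_comments_enabled(policy_xml):
    """True only if the policy explicitly sets preserveComments to true."""
    for d in ET.fromstring(policy_xml).iter("directive"):
        if d.get("name") == "preserveComments":
            return d.get("value", "").strip().lower() == "true"
    return False  # the advisory requires the directive to be enabled in the policy

def exposed(pom_xml, policy_xml):
    """Exposed only when both advisory conditions hold: old version AND comments kept."""
    version = antisamy_version(pom_xml)
    return (version is not None
            and parse_version(version) < PATCHED + (True,)
            and preserve_comments_enabled(policy_xml))
```

Either upgrading the artifact or turning the directive off makes `exposed` return False, matching the two mitigations above.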
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.owasp.antisamy:antisamy (Maven) | < 1.7.5 | 1.7.5 |
Affected products
- nahsra/antisamy: Range < 1.7.5
Patches
2 files changed · +37 −28
pom.xml+35 −27 modified@@ -5,7 +5,7 @@ <groupId>org.owasp.antisamy</groupId> <artifactId>antisamy</artifactId> <packaging>jar</packaging> - <version>1.7.5-SNAPSHOT</version> + <version>1.7.5</version> <distributionManagement> <snapshotRepository> @@ -73,7 +73,7 @@ <fluido.version>2.0.0-M8</fluido.version> <gpg.skip>true</gpg.skip><!-- by default skip gpg --> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <project.build.outputTimestamp>2023-12-18T21:08:34Z</project.build.outputTimestamp> + <project.build.outputTimestamp>2024-02-02T15:23:04Z</project.build.outputTimestamp> <project.java.target>1.8</project.java.target> <version.findsecbugs>1.12.0</version.findsecbugs> <version.slf4j>2.0.11</version.slf4j> 
@@ -92,55 +92,50 @@ <dependencies> <dependency> - <groupId>org.htmlunit</groupId> - <artifactId>neko-htmlunit</artifactId> - <version>3.11.0</version> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>2.15.1</version> </dependency> <dependency> <groupId>org.apache.httpcomponents.client5</groupId> <artifactId>httpclient5</artifactId> <version>5.3.1</version> + <exclusions> + <!-- exclude this old version as we directly import a newer one --> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents.core5</groupId> + <artifactId>httpcore5</artifactId> + <version>5.2.4</version> </dependency> <dependency> <groupId>org.apache.xmlgraphics</groupId> <artifactId>batik-css</artifactId> <version>1.17</version> <exclusions> - <!-- exclude this old version of commons-io as newer can be used --> + <!-- exclude this old version as we directly import a newer one --> <exclusion> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> </exclusion> - <!-- exclude this as batik-css has a dependency that uses an older commons-logging and we want to eliminate the convergence mismatch --> - <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - </exclusion> </exclusions> </dependency> <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>2.15.1</version> + <groupId>org.htmlunit</groupId> + <artifactId>neko-htmlunit</artifactId> + <version>3.11.1</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> <version>${version.slf4j}</version> </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - <version>${version.slf4j}</version> - <scope>test</scope> - </dependency> - <!-- without this import you get: SLF4J: Defaulting to no-operation (NOP) logger 
implementation --> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <version>${version.slf4j}</version> - <scope>test</scope> - </dependency> + <!-- While Java 7+ includes Xerces in the JRE, it apparently doesn't provide all the features we use that are in the 3rd party version. So we import it directly. --> <dependency> @@ -201,6 +196,19 @@ <version>2.2</version> <scope>test</scope> </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>${version.slf4j}</version> + <scope>test</scope> + </dependency> + <!-- without this import you get: SLF4J: Defaulting to no-operation (NOP) logger implementation --> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <version>${version.slf4j}</version> + <scope>test</scope> + </dependency> </dependencies>
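Review bot: in the -92,55 hunk the only change that touches HTML parsing is the neko-htmlunit bump from 3.11.0 to 3.11.1, yet nothing in the commit or in SECURITY.md says that this dependency update is the fix for the comment-handling mXSS; since no AntiSamy sanitizer code changes here, state explicitly which parser change resolves the issue so downstream users can verify it. The same hunk also deletes the commons-logging exclusion on batik-css together with the comment explaining it was there "to eliminate the convergence mismatch"; if restoring that transitive dependency is intentional, replace the comment with one saying why the mismatch no longer applies rather than removing it silently.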
SECURITY.md+2 −1 modified@@ -33,7 +33,8 @@ These are the known CVEs reported for AntiSamy: * AntiSamy CVE #3 - CVE-2021-35043: AntiSamy before 1.6.4 allows XSS via HTML attributes using : as replacement for : character - https://nvd.nist.gov/vuln/detail/CVE-2021-35043 * AntiSamy CVE #4 - CVE-2022-28367: AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content - https://nvd.nist.gov/vuln/detail/CVE-2022-28367. NOTE: This release only included a PARTIAL fix. * AntiSamy CVE #5 - CVE-2022-29577: AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content - https://nvd.nist.gov/vuln/detail/CVE-2022-29577. This is the complete fix to the previous CVE. -* AntiSamy CVE #6 - CVE-2023-43643: AntiSamy before 1.7.4 subject to mXSS when preserving comments - https://nvd.nist.gov/vuln/detail/CVE-2023-43643 +* AntiSamy CVE #6 - CVE-2023-43643: AntiSamy before 1.7.4 subject to mutation XSS (mXSS) when preserving comments - https://nvd.nist.gov/vuln/detail/CVE-2023-43643 +* AntiSamy CVE #7 - CVE-2024-23635: AntiSamy before 1.7.5 subject to mXSS when preserving comments - https://nvd.nist.gov/vuln/detail/CVE-2024-23635 CVEs in AntiSamy dependencies: * AntiSamy before 1.6.6 used the old CyberNeko HTML library net.sourceforge.nekohtml:nekohtml:1.9.22, which is subject to https://nvd.nist.gov/vuln/detail/CVE-2022-28366 and no longer maintained. AntiSamy 1.6.6 upgraded to an active fork of CyberNeko at net.sourceforge.htmlunit:neko-htmlunit which fixed this CVE in v2.27 of that library. AntiSamy 1.6.6 upgraded to net.sourceforge.htmlunit:neko-htmlunit:2.60.0
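Review bot: the new CVE #7 entry reuses the CVE #6 wording verbatim ("subject to mXSS when preserving comments") even though the line directly above it was just edited to spell out "mutation XSS (mXSS)"; expand #7 the same way and add a short phrase distinguishing it from CVE-2023-43643 (a further parsing flaw found after the 1.7.4 fix), otherwise readers cannot tell the two entries apart.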
3e84410ed06a Merge pull request #422 from nahsra/dependabot/maven/org.htmlunit-neko-htmlunit-3.11.0
1 file changed · +1 −1
pom.xml+1 −1 modified@@ -94,7 +94,7 @@ <dependency> <groupId>org.htmlunit</groupId> <artifactId>neko-htmlunit</artifactId> - <version>3.10.0</version> + <version>3.11.0</version> </dependency> <dependency> <groupId>org.apache.httpcomponents.client5</groupId>
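Review bot: this dependabot bump of neko-htmlunit from 3.10.0 to 3.11.0 is listed as a fix commit for the advisory but is a pure dependency update touching one line of pom.xml, and the release commit bumps the same artifact again to 3.11.1; the advisory should trace the fix to whichever parser version actually changed comment handling, and a regression test covering the preserveComments case belongs alongside the bump so the dependency cannot silently regress.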
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-2mrq-w8pv-5pvq (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2024-23635 (ghsa, ADVISORY)
- github.com/nahsra/antisamy/commit/12a2e31d3855430c119480655c2bbbbb79a66ecd (ghsa, WEB)
- github.com/nahsra/antisamy/commit/3e84410ed06ab67f0a4cc3183c67528210f4847d (ghsa, WEB)
- github.com/nahsra/antisamy/security/advisories/GHSA-2mrq-w8pv-5pvq (ghsa, x_refsource_CONFIRM, WEB)