Executive Summary

The vulnerability exists in the lxml_html_clean Python library prior to version 0.4.4, specifically in the _has_sneaky_javascript() method. This method attempts to detect dangerous CSS keywords like @import and expression() by stripping backslashes from CSS strings before checking. However, this approach fails to properly decode CSS Unicode escape sequences, which are sequences starting with a backslash followed by hexadecimal digits representing characters.

Because the method removes backslashes without decoding these sequences, attackers can encode malicious CSS content using Unicode escapes to bypass the filters. For example, an escaped @import statement like `@\69mport` is transformed incorrectly and not detected as dangerous, allowing external CSS loading or cross-site scripting (XSS) in older browsers.

The issue was fixed by implementing a decoding function that converts CSS Unicode escape sequences into their actual characters before performing security checks, ensuring that obfuscated malicious content is detected and blocked.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows attackers to bypass CSS filters by encoding malicious content using Unicode escape sequences. The impact includes:

• Loading of external CSS files despite filtering, which can be used for data exfiltration such as reading CSRF tokens via CSS attribute selectors.
• UI redressing and phishing attacks by manipulating the appearance of web pages.
• In older browsers like Internet Explorer, full cross-site scripting (XSS) attacks are possible through the expression() CSS function bypass.

Overall, the vulnerability can compromise confidentiality and integrity of web applications by allowing malicious CSS injection and script execution.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability involves CSS Unicode escape sequences bypassing filters in the lxml_html_clean library, allowing malicious CSS such as @import or expression() to load external resources or execute scripts.'}, {'type': 'paragraph', 'content': 'To detect exploitation attempts on your system or network, you can monitor for CSS content containing suspicious Unicode escape sequences that represent dangerous keywords like @import or expression().'}, {'type': 'paragraph', 'content': 'Example detection commands could include searching logs or files for CSS strings with backslash escapes followed by hexadecimal digits, such as:'}, {'type': 'list_item', 'content': 'grep -P "\\\\\\\\[0-9a-fA-F]{1,6}" /path/to/css_or_logs'}, {'type': 'list_item', 'content': 'grep -i -P "\\\\\\\\(69|0069|49)mport" /path/to/css_or_logs # Detects Unicode-escaped \'@import\''}, {'type': 'list_item', 'content': 'grep -i -P "\\\\\\\\65xpression" /path/to/css_or_logs # Detects Unicode-escaped \'expression\''}, {'type': 'paragraph', 'content': 'Additionally, monitoring network traffic for unexpected external CSS loads or unusual CSS content with escape sequences may help identify exploitation attempts.'}] [1, 2]

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation is to upgrade the lxml_html_clean library to version 0.4.4 or later, where the vulnerability has been patched by properly decoding CSS Unicode escape sequences before filtering.

If upgrading immediately is not possible, consider applying the patch that implements the _decode_css_unicode_escapes function to correctly handle Unicode escapes in CSS before security checks.

As a temporary measure, you can also implement additional filtering or validation on CSS inputs to detect and block Unicode-escaped dangerous keywords such as @import and expression().

Finally, monitor your systems and network for suspicious CSS content or external CSS loads that could indicate exploitation attempts.

Useful 0 Not Useful 0