CVE-2026-59923
Received Received - Intake

HTMLRenderer Safe URL Bypass in Mistune

Vulnerability report for CVE-2026-59923, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitHub, Inc.

Description

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe_url() does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version 3.3.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-09
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
lepture mistune to 3.3.0 (exc)
lepture mistune 3.2.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-59923 is a cross-site scripting (XSS) vulnerability in the Mistune Python Markdown parser, specifically in versions 3.2.0 and earlier.

The vulnerability exists in the HTMLRenderer.safe_url() function, which is intended to block harmful URL schemes such as "javascript:". However, it fails to decode percent-encoded characters before checking the URL scheme.

This allows attackers to bypass the filter by using percent-encoded characters (e.g., "javascript%3Aalert(1)"), which are decoded by browsers but not by the safe_url() function, enabling execution of malicious JavaScript when the Markdown is rendered.

Impact Analysis

This vulnerability can allow attackers to execute arbitrary JavaScript in the context of a victim's browser when they view rendered Markdown content.

Potential impacts include session hijacking, account takeover, or other malicious activities that rely on executing scripts in the victim's browser.

The vulnerability can be exploited remotely without requiring privileges but does require user interaction (such as clicking a malicious link).

Any application using Mistune to render user-controlled Markdown without additional URL sanitization is at risk.

Detection Guidance

This vulnerability can be detected by identifying if your system or application uses Mistune version 3.2.0 or earlier to render user-supplied Markdown content without additional URL sanitization.

Specifically, you can check the version of Mistune installed in your Python environment.

  • Run the command: pip show mistune
  • Or, in a Python shell, run: import mistune; print(mistune.__version__)

If the version is 3.2.0 or earlier, your system is vulnerable to this XSS issue.

Additionally, you can audit your Markdown content rendering to detect any percent-encoded javascript URIs in links or images that could bypass URL protections.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Mistune to version 3.3.0 or later, where the issue is fixed.

Version 3.3.0 includes a patch that properly decodes percent-encoded URLs before checking for unsafe schemes like "javascript:", effectively blocking malicious URLs.

If upgrading is not immediately possible, implement additional URL sanitization on user-supplied Markdown links and images to block percent-encoded unsafe URL schemes.

Also, consider restricting or sanitizing Markdown input to prevent injection of malicious links.

Compliance Impact

The vulnerability in Mistune allows attacker-supplied Markdown links or images to execute arbitrary JavaScript in rendered HTML, potentially leading to session hijacking, account takeover, or other malicious activities.

Such security issues can impact compliance with standards and regulations like GDPR and HIPAA, which require protection of user data and prevention of unauthorized access or data breaches.

If an application uses Mistune to render user-controlled Markdown without additional URL sanitization, it may expose users to cross-site scripting (XSS) attacks, risking personal data confidentiality and integrity.

Therefore, failure to patch this vulnerability or implement proper input sanitization could lead to non-compliance with these regulations due to potential data breaches or unauthorized data access.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-59923. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart