GHSA-jhhc-3hcp-qhm5: WeasyPrint has CSS Injection via Presentational Hints
Summary
A CSS injection issue exists in WeasyPrint when HTML presentational hints are enabled. Unescaped attribute values are embedded into CSS, allowing injection of arbitrary CSS declarations. This affects applications processing untrusted HTML input.
Details
File: weasyprint/css/init.py
The background attribute is used to construct CSS:
background-image:url({element.get("background")})
This string is parsed by tinycss2.parse_blocks_contents().
Because the value is not escaped, additional CSS declarations can be injected.
PoC
<body background="x);background-image:url(http://169.254.169.254/latest/meta-data/)">
Impact
- CSS injection
- Server-side requests via injected url()
- Limited to cases where presentational_hints=True
Suggested Fix
- Escape attribute values before embedding into CSS
- Restrict allowed values for presentational hints
VULN-05_css_injection_presentational_hints.md
Details
Original advisory: https://github.com/advisories/GHSA-jhhc-3hcp-qhm5
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-49452 | coverage & exploitation status | NVD · CVE.org |
More from GitHub Security Advisories
- criticalGHSA-g936-7jqj-mwv8: TSDProxy: Internal proxy auth token forwarded to backend services enables management API …2026-07-10
- highGHSA-fpg8-7664-jc5q: melange: Incomplete package integrity verification allows data section substitution2026-07-10
- mediumGHSA-48rx-c7pg-q66r: Excon does not redact additional sensitive/risky headers when following redirects2026-07-10
- highGHSA-h4g2-xfmw-q2c9: Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enab…2026-07-10
- mediumGHSA-rqq5-2gf9-4w4q: Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when giv…2026-07-10