CVE-2026-44898 MEDIUM

CVE-2026-44898: Mistune TOC Anchor Injection XSS

Vendor Lepture
Product mistune
Weakness CWE-79 · XSS
Published May 26, 2026
Last update May 27, 2026
View on NVD All CVEs

CVSS base score

6.1/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_toc_ul() builds a <ul> table-of-contents tree from a list of (level, id, text) tuples. Both the id value (used as href="#<id>") and the text value (used as the visible link label) are inserted into <a> tags via a plain Python format string — with no HTML escaping applied to either value. When heading IDs are derived from user-supplied heading text (the standard use-case for readable slug anchors), an attacker can craft a heading whose text breaks out of the href="#..." attribute context, injecting arbitrary HTML tags including <script> blocks directly into the rendered TOC. This vulnerability is fixed in 3.2.1.

Key dates

02Disclosure timeline

May 26, 2026 CVE published
May 27, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-51705 WordPress WP MMenu Lite plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-13305 Entity Form Steps - Moderately critical - Cross site scripting - SA-CONTRIB-2024-071 CVE-2026-20116 Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities CVE-2025-13846 Easy Map Creator <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes CVE-2023-3087 FluentSMTP <= 2.2.4 - Unauthenticated Stored Cross-Site Scripting via Email Subject