CVE-2026-28350: CWE-116: Improper Encoding or Escaping of Output in fedora-python lxml_html_clean
lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.4, the <base> tag passes through the default Cleaner configuration. While page_structure=True removes html, head, and title tags, there is no specific handling for <base>, allowing an attacker to inject it and hijack relative links on the page. This issue has been patched in version 0.4.4.
AI Analysis
Technical Summary
CVE-2026-28350 is a vulnerability classified under CWE-116 (Improper Encoding or Escaping of Output) affecting the fedora-python lxml_html_clean library, specifically versions before 0.4.4. The lxml_html_clean project provides HTML cleaning functionalities derived from lxml.html.clean. The vulnerability stems from the default Cleaner configuration not handling the <base> HTML tag properly. While the Cleaner removes certain tags like html, head, and title when page_structure=True, it does not sanitize or remove the <base> tag. This omission allows an attacker to inject a <base> tag into the cleaned HTML output. The <base> tag defines the base URL for all relative URLs in a document, so malicious injection can hijack relative links, redirecting users to attacker-controlled domains or resources. This can lead to phishing, session hijacking, or other attacks that rely on misleading URL resolution. The vulnerability is remotely exploitable without authentication but requires user interaction, since a victim must follow one of the hijacked relative links. The CVSS v3.1 score is 6.1 (medium severity), reflecting the network attack vector, low complexity, no privileges required, but user interaction is necessary. The scope is changed (S:C) because the vulnerability can affect resources outside the original security scope. There are no known exploits in the wild as of the publication date. The issue was patched in version 0.4.4 by adding proper handling or removal of the <base> tag during cleaning. This vulnerability is particularly relevant for applications that sanitize untrusted HTML content using lxml_html_clean and rely on relative links for navigation or resource loading.
Potential Impact
The primary impact of this vulnerability is on the confidentiality and integrity of web applications that use lxml_html_clean for HTML sanitization. By injecting a malicious <base> tag, attackers can hijack relative URLs, redirecting users to malicious sites or resources. This can facilitate phishing attacks, credential theft, or delivery of malicious payloads. While availability is not directly affected, the trustworthiness of the affected web content is compromised. Organizations that process user-generated or third-party HTML content and rely on relative links are at higher risk. The vulnerability could be exploited in scenarios such as content management systems, webmail clients, or any service that cleans and renders HTML content. Since exploitation requires user interaction, the risk is somewhat mitigated but still significant, especially in high-traffic or sensitive environments. The medium CVSS score reflects a moderate but non-trivial risk, warranting timely remediation to prevent potential exploitation.
Mitigation Recommendations
Organizations should upgrade lxml_html_clean to version 0.4.4 or later, where the vulnerability is patched with proper handling of the <base> tag. Until upgrading is possible, implement additional HTML sanitization layers that explicitly remove or neutralize <base> tags from untrusted content. Review and audit all uses of lxml_html_clean in your codebase to identify where untrusted HTML is processed. Employ Content Security Policy (CSP) headers to restrict navigation and resource loading to trusted domains, mitigating the impact of malicious base tag injection. Educate developers and security teams about the risks of improper HTML sanitization and encourage the use of well-maintained libraries with active security support. Monitor for suspicious redirects or unusual link behavior in web applications. Finally, consider implementing user interaction monitoring or warnings when navigating relative links that could be influenced by untrusted content.
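The following is an added example, not code from lxml_html_clean or from this advisory, showing the two defensive steps the analysis and the mitigation section describe: an explicit layer that removes <base> elements from untrusted HTML, and a check that runs a probe document through any str-to-str sanitiser (for instance the installed `lxml_html_clean.Cleaner().clean_html`) to confirm whether <base> survives. It uses only the Python standard library. `structure_only_cleaner` is a constructed stand-in that models the pre-0.4.4 default behaviour the advisory describes (html, head and title dropped, <base> untouched); it is not the library's code, and the `attacker.example` host in the probe is a placeholder.

```python
"""Stdlib-only guard around untrusted HTML: drops <base> elements and checks
whether a given sanitiser still lets them through. Added example; not code
from lxml_html_clean."""
from html import escape
from html.parser import HTMLParser
from typing import Callable, Dict, Iterable, List, Tuple


class _TagDropper(HTMLParser):
    """Re-serialises markup as it is fed, omitting the element names in `drop`.

    Only the tags themselves are removed; their text content is kept, which is
    what the advisory describes for html/head/title under page_structure=True.
    """

    def __init__(self, drop: Iterable[str]) -> None:
        super().__init__(convert_charrefs=False)  # keep entities as written
        self.drop = frozenset(t.lower() for t in drop)
        self.out: List[str] = []
        self.dropped: Dict[str, int] = {}

    def _attrs(self, attrs) -> str:
        parts = []
        for name, value in attrs:
            parts.append(f" {name}" if value is None
                         else f' {name}="{escape(value, quote=True)}"')
        return "".join(parts)

    def _skip(self, tag: str) -> bool:
        # Tag names arrive lower-cased, so <BASE> and <base> are treated alike.
        if tag in self.drop:
            self.dropped[tag] = self.dropped.get(tag, 0) + 1
            return True
        return False

    def handle_starttag(self, tag, attrs):
        if not self._skip(tag):
            self.out.append(f"<{tag}{self._attrs(attrs)}>")

    def handle_startendtag(self, tag, attrs):
        if not self._skip(tag):
            self.out.append(f"<{tag}{self._attrs(attrs)} />")

    def handle_endtag(self, tag):
        if tag not in self.drop:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")

    def handle_comment(self, data):
        # Comments are kept verbatim; a <base> inside one is inert to a browser.
        self.out.append(f"<!--{data}-->")


def drop_tags(html_text: str, drop: Iterable[str]) -> Tuple[str, Dict[str, int]]:
    """Return (re-serialised markup, count of dropped start tags per element)."""
    parser = _TagDropper(drop)
    parser.feed(html_text)
    parser.close()
    return "".join(parser.out), parser.dropped


def strip_base_tags(untrusted_html: str) -> str:
    """Mitigation layer: remove every <base> element, whatever its case or attributes."""
    return drop_tags(untrusted_html, {"base"})[0]


def contains_base_tag(html_text: str) -> bool:
    """Detection check: does a <base> element survive in sanitiser output?"""
    return drop_tags(html_text, {"base"})[1].get("base", 0) > 0


# Constructed probe document; attacker.example is a placeholder host.
PROBE = ('<html><head><title>Account</title>'
         '<base href="https://attacker.example/"></head>'
         '<body><a href="account/settings">Settings</a></body></html>')


def cleaner_lets_base_through(cleaner: Callable[[str], str]) -> bool:
    """Run the probe through any str -> str sanitiser and report whether <base> survives."""
    return contains_base_tag(cleaner(PROBE))


def structure_only_cleaner(html_text: str) -> str:
    """Constructed stand-in for the pre-0.4.4 default the advisory describes:
    html, head and title are dropped, <base> is not. Not the library's code."""
    return drop_tags(html_text, {"html", "head", "title"})[0]


def clean_untrusted(untrusted_html: str, cleaner: Callable[[str], str]) -> str:
    """Defence in depth: library cleaner first, then the explicit <base> strip."""
    return strip_base_tags(cleaner(untrusted_html))


if __name__ == "__main__":
    print("stand-in leaks <base>:", cleaner_lets_base_through(structure_only_cleaner))
    print("guarded pipeline leaks <base>:", cleaner_lets_base_through(
        lambda h: clean_untrusted(h, structure_only_cleaner)))
    print(clean_untrusted(PROBE, structure_only_cleaner))
```

On a real deployment, pass the installed Cleaner's `clean_html` to `cleaner_lets_base_through` as a regression check after upgrading to 0.4.4, and keep `strip_base_tags` in the pipeline regardless: the parser-based strip is independent of the library's allow-list logic, so it also catches case variants and self-closing forms that a naive string match would miss.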
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, India, Canada, Australia, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-26T18:38:13.890Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69a9e2f561e8e69ef5e92412
Added to database: 3/5/2026, 8:09:25 PM
Last enriched: 3/5/2026, 8:24:18 PM
Last updated: 3/5/2026, 9:58:45 PM