Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 prior to 20070626 allows remote malicious users to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codeigniter codeigniter 1.5.3 |