Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier prior to 4.1.0, when Internet Explorer is used, allow remote malicious users to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
htmlpurifier htmlpurifier 3.1.1 |
||
htmlpurifier htmlpurifier 3.1.0 |
||
htmlpurifier htmlpurifier 2.1.4 |
||
htmlpurifier htmlpurifier 2.1.3 |
||
htmlpurifier htmlpurifier 2.1.0 |
||
htmlpurifier htmlpurifier 2.1.1 |
||
htmlpurifier htmlpurifier 1.6.0 |
||
htmlpurifier htmlpurifier 1.5.0 |
||
htmlpurifier htmlpurifier 2.0.0 |
||
htmlpurifier htmlpurifier 1.3.2 |
||
htmlpurifier htmlpurifier 1.3.1 |
||
htmlpurifier htmlpurifier 1.3.0 |
||
htmlpurifier htmlpurifier 1.2.0 |
||
htmlpurifier htmlpurifier 4.0.0 |
||
htmlpurifier htmlpurifier 3.3.0 |
||
htmlpurifier htmlpurifier 3.0.0 |
||
htmlpurifier htmlpurifier 2.1.2 |
||
htmlpurifier htmlpurifier 1.4.1 |
||
htmlpurifier htmlpurifier 1.4.0 |
||
htmlpurifier htmlpurifier 1.6.1 |
||
htmlpurifier htmlpurifier 1.0.0 |
||
htmlpurifier htmlpurifier 1.1.1 |
||
htmlpurifier htmlpurifier 1.0.1 |
||
htmlpurifier htmlpurifier |
||
htmlpurifier htmlpurifier 3.2.0 |
||
htmlpurifier htmlpurifier 2.1.5 |
||
htmlpurifier htmlpurifier 2.0.1 |
||
htmlpurifier htmlpurifier 1.1.2 |
||
htmlpurifier htmlpurifier 1.1.0 |