[Bug 582576] Re: XSS in HTML purifier 3.0.0 and 4.0.0
Launchpad Bug Tracker
582576 at bugs.launchpad.net
Fri Jun 18 03:34:19 BST 2010
** Branch linked: lp:debian/sid/php-htmlpurifier
--
XSS in HTML purifier 3.0.0 and 4.0.0
https://bugs.launchpad.net/bugs/582576
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
Status in “php-htmlpurifier” package in Ubuntu: Triaged
Status in “php-htmlpurifier” source package in Lucid: New
Status in “php-htmlpurifier” source package in Maverick: Triaged
Status in “php-htmlpurifier” source package in Karmic: New
Bug description:
Binary package hint: php-htmlpurifier
>From the HTML Purifier 4.1.1 release announcement:
"HTML Purifier 4.1.1 is a major security and bugfix release that improves on 4.1's fix for an XSS vulnerability exploitable on Internet Explorer."
I couldn't find a CVE number or any details as to what this is. All I got was this:
http://secunia.com/advisories/39613/
Both karmic and lucid are affected by this problem.
More information about the Ubuntu-sponsors
mailing list