[Bug 582576] Re: XSS in HTML purifier 3.0.0 and 4.0.0
Artur Rona
ari-tczew at tlen.pl
Sun Jun 20 11:42:12 BST 2010
** Changed in: php-htmlpurifier (Ubuntu Maverick)
Assignee: Artur Rona (ari-tczew) => (unassigned)
--
XSS in HTML purifier 3.0.0 and 4.0.0
https://bugs.launchpad.net/bugs/582576
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
Status in “php-htmlpurifier” package in Ubuntu: Fix Released
Status in “php-htmlpurifier” source package in Lucid: New
Status in “php-htmlpurifier” source package in Maverick: Fix Released
Status in “php-htmlpurifier” source package in Karmic: New
Bug description:
Binary package hint: php-htmlpurifier
>From the HTML Purifier 4.1.1 release announcement:
"HTML Purifier 4.1.1 is a major security and bugfix release that improves on 4.1's fix for an XSS vulnerability exploitable on Internet Explorer."
I couldn't find a CVE number or any details as to what this is. All I got was this:
http://secunia.com/advisories/39613/
Both karmic and lucid are affected by this problem.
More information about the Ubuntu-sponsors
mailing list