PT-2005-2615 · Owasp · Safehtml

Publicado

2005-05-17

Atualizado

2008-09-05

CVE-2005-1638

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions SafeHTML versions prior to 1.3.2

Description The issue concerns the writeAttrs function, which fails to properly handle quotes in attribute values. This could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.

Recommendations For versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1638

Produtos afetados

Safehtml

PT-2005-2615 · Owasp · Safehtml

CVE-2005-1638

Identificadores relacionados

Produtos afetados

Referências · 4