Name of the Vulnerable Software and Affected Versions CodeIgniter/Framework versions prior to 3.0.3

Description The issue concerns the xss clean() method in the Security Library, which is intended to sanitize input data and prevent Cross-Site Scripting (XSS) attacks. However, in affected versions, the method failed to adequately mitigate specific XSS vectors, leaving a potential security gap.

Recommendations For versions prior to 3.0.3, update to version 3.0.3 or later to resolve the issue. As a temporary workaround, consider disabling the xss clean() method until a patch is available, and instead, implement alternative input sanitization mechanisms to minimize the risk of XSS attacks.