QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-3708

Back to search

CVE-2007-3708

Published: Jul 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function.

VendorProductVersions

n/a

n/a

affected
n/a

References

37907
vdb-entry
x_refsource_OSVDB
25991
third-party-advisory
x_refsource_SECUNIA
codeigniter-xssclean-xss(35350)
vdb-entry
x_refsource_XF
20070709 CodeIgniter 1.5.3 vulnerabilities
mailing-list
x_refsource_FULLDISC
20070708 CodeIgniter 1.5.3 vulnerabilities
mailing-list
x_refsource_BUGTRAQ
2877
third-party-advisory
x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now