← back
CVE-2013-4891

CVE-2013-4891

EPSS 1.5%
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/bcit-ci/CodeIgniter/issues/4020https://nealpoole.com/blog/2013/07/codeigniter-21-xss-clean-filter-bypass/https://www.codeigniter.com/userguide2/changelog.html