Vulnerabilites related to htmlpurifier - htmlpurifier
Vulnerability from fkie_nvd
Published
2010-11-05 17:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "440617A3-2E6F-4D37-BD6C-27B8287B7B35",
"versionEndIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24143435-62A6-470F-AC49-92175167F5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "3E0FFD69-953B-4256-B865-3D9B15681597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D62CE1F3-3667-46F4-B62F-456148267E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B70AF0F-5B3B-4D41-B4A7-9A04C790D703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E3DDFA-98AE-4908-AA90-1524A0850752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05E7680A-9942-47D3-B8EA-C0830F30DE7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D14E3B6C-A386-469E-92BC-1830D1E572D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F167F4A-E18B-4E2D-8B0F-F6022759E069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBAD18A-26DB-49B9-AA19-CFA0BB4233F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24A7F78E-4146-4EA0-A968-C2FED9F71300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10EEA88C-A2E2-4035-8A7C-921D3B8350F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "63E05515-EF1A-43AA-8125-3BC2EF46D6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE68DBD-C1E6-49E9-8E66-A9F49950E8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "44887D47-30A3-4CAB-BA18-91CCB4C32333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67F9D661-CA8E-437B-BDD6-9B7749281BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.5.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "C05D43AF-2B7B-463B-A272-79F133C2F6EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE65FF-653C-49E6-82AE-F5E72BA5C6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "6F3C02BD-1BE2-4950-B712-5FFB8ECC2A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6CE6A7-9B74-4AD0-A7F9-62AF0B4C82AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "E3EFA8D3-646C-4F44-AD9F-410B202064B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "797CE25C-505D-4596-9021-B1EA43E6A767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "0447936E-6DB9-4C77-8D66-02068690F074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B54BDBD5-DD16-4E42-8FB7-BEC679AFCB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "484F93BB-E787-4277-B166-147BA89E2627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D5ECE-A527-4912-97B0-5AC318E27992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "711DC856-A791-4C5B-AEEF-C7E25E068E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "B7E3F4CE-403E-429A-B6B9-820B75343AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "1C8D2CE8-4773-46E6-A1D5-2B23E49E4DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "D950D749-B476-48D0-A789-55ADD9C73B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "57D3F6C3-6616-4FC0-AD0A-A98FB8F78E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24177810-45DC-499E-B0F7-C3B9A40950B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:lite:*:*:*:*:*",
"matchCriteriaId": "F37323C6-86F8-4BE5-A00B-21366A7190BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:standalone:*:*:*:*:*",
"matchCriteriaId": "C9CA7EA8-670A-43FB-8466-C663AEEDEFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "F809E8DA-49EE-4509-BBE7-4B6D39965948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "FAD9CEF2-F674-4B17-89E9-B7F7745704B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "9EA1FFA7-DED0-4B05-81BE-E2AAA1DE6F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53C79A55-90D3-4DAE-B1A2-D53116864F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:lite:*:*:*:*:*",
"matchCriteriaId": "1A9269ED-1A01-4677-B42D-95BBA6319EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:standalone:*:*:*:*:*",
"matchCriteriaId": "9C3C9655-79F1-4D66-8830-1E630C436D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict:*:*:*:*:*",
"matchCriteriaId": "FF260945-7E1E-400E-9CDE-D75498667483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "E742FC87-C5EA-4D69-9AFA-5A5AE207FE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "4DD9AD81-CDA5-4377-A9ED-67D04FECBE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1314CE-89D9-40FC-9A33-31EB3B981A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:lite:*:*:*:*:*",
"matchCriteriaId": "CAF341D6-E0D2-43F1-854E-6DCCE1BC2A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:standalone:*:*:*:*:*",
"matchCriteriaId": "D1395209-C0A8-484E-891F-9BBFAAF5C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict:*:*:*:*:*",
"matchCriteriaId": "09CDD264-F587-43C6-B8DD-BF6F05A1D785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "C578396F-EFE9-49B2-8375-9DDE507D56EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "115A93E1-7E60-4499-8E5D-0005FE01F1D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FE055D0C-E7C9-4A4D-A156-86C1B5352A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:lite:*:*:*:*:*",
"matchCriteriaId": "8075E2EB-A40F-4627-92AC-1485235691A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:standalone:*:*:*:*:*",
"matchCriteriaId": "184370F0-FB8B-470C-AD96-75CCB68D37EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39F54191-160A-456E-B049-093276C06F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:lite:*:*:*:*:*",
"matchCriteriaId": "962A7056-71F8-4BA7-8664-B29A8E9CF83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:standalone:*:*:*:*:*",
"matchCriteriaId": "929A6993-24FB-4665-8CC9-5F101A557BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3F7F1B-5F25-4092-8128-795544F386FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "F65FCFE7-4EA0-405F-AAE1-CDB9E58318F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "E6B5FBD8-2D09-4ABA-BC34-C9D9993E858E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5624C862-D4B8-4A14-AD9F-A2E80BBBEB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "EFDE4099-9E43-4A2C-865C-C397CBE92609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "C58ED5AB-F5FF-42A6-98D8-37D37D4054F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "49F1B3F5-C22C-46DD-B447-82F6E00B232A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:lite:*:*:*:*:*",
"matchCriteriaId": "3EFE0D2B-D725-4588-935E-26E424CC8C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:standalone:*:*:*:*:*",
"matchCriteriaId": "566EB415-EE50-4D32-81BB-58AC00FF6E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74387F7F-6E01-4F92-AE5B-A8D39DA7DE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:lite:*:*:*:*:*",
"matchCriteriaId": "4CABDC55-2753-4481-9613-5F83D2974E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:standalone:*:*:*:*:*",
"matchCriteriaId": "BF967A1F-4B6E-4507-8DCF-DAC87EC8E276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2924AA-FFE7-4CE3-B4D1-4CE2BB496555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "D905650B-10DD-492D-AC66-12DF313661F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "EFF61BFC-1139-47B4-82FA-9080F6F52648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "049719CC-CDB8-466C-92F5-2918ABDD97BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "9DCF286B-76D2-4E3E-B05B-DA17C3FA0D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "99579DB2-D08A-46A2-9CE8-9C0A06AF2BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:4.0.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "958E7E2C-58C0-42B5-96CB-93158EB3A185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:4.0.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "FC1452C3-E3A9-490F-931D-4F173B6EFDEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8682FAF3-98E3-485C-89CB-C0358C4E2AB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados en HTML Purifier anterior v4.1.0, cuando se usa Internet Explorer, permite a atacantes remotos inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s de las propiedades manipuladas (1) background-image, (2) background, o (3) font-family Cascading Style Sheets (CSS) , una vulnerabilidad diferente a CVE-2010-2479."
}
],
"id": "CVE-2010-4183",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-05T17:00:03.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://htmlpurifier.org/news/2010/0915-4.2.0-released"
},
{
"source": "cve@mitre.org",
"url": "http://htmlpurifier.org/security/2010/css-quoting"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://htmlpurifier.org/news/2010/0915-4.2.0-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://htmlpurifier.org/security/2010/css-quoting"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-29 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped print_r output."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| htmlpurifier | htmlpurifier | 2.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "797CE25C-505D-4596-9021-B1EA43E6A767",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"unescaped print_r output.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en smoketests/configForm.php de HTML Purifier anterior a 2.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante vectores no especificados relacionados con \"salidas de print_r no escapadas\"."
}
],
"id": "CVE-2007-3498",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-29T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36722"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24699"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-07-06 17:17
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D201412A-161C-4383-81BF-D2885299A037",
"versionEndIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:*:*:lite:*:*:*:*:*",
"matchCriteriaId": "1B8C27B0-F75E-4791-BE5A-2B0632122D7E",
"versionEndIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:*:*:standalone:*:*:*:*:*",
"matchCriteriaId": "7C82068C-6C5F-4EBF-8AB4-F44E502A2787",
"versionEndIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24143435-62A6-470F-AC49-92175167F5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "3E0FFD69-953B-4256-B865-3D9B15681597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D62CE1F3-3667-46F4-B62F-456148267E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B70AF0F-5B3B-4D41-B4A7-9A04C790D703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E3DDFA-98AE-4908-AA90-1524A0850752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05E7680A-9942-47D3-B8EA-C0830F30DE7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D14E3B6C-A386-469E-92BC-1830D1E572D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F167F4A-E18B-4E2D-8B0F-F6022759E069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBAD18A-26DB-49B9-AA19-CFA0BB4233F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24A7F78E-4146-4EA0-A968-C2FED9F71300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10EEA88C-A2E2-4035-8A7C-921D3B8350F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "63E05515-EF1A-43AA-8125-3BC2EF46D6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE68DBD-C1E6-49E9-8E66-A9F49950E8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.4.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "44887D47-30A3-4CAB-BA18-91CCB4C32333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67F9D661-CA8E-437B-BDD6-9B7749281BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.5.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "C05D43AF-2B7B-463B-A272-79F133C2F6EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE65FF-653C-49E6-82AE-F5E72BA5C6CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "6F3C02BD-1BE2-4950-B712-5FFB8ECC2A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6CE6A7-9B74-4AD0-A7F9-62AF0B4C82AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:1.6.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "E3EFA8D3-646C-4F44-AD9F-410B202064B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "797CE25C-505D-4596-9021-B1EA43E6A767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "0447936E-6DB9-4C77-8D66-02068690F074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B54BDBD5-DD16-4E42-8FB7-BEC679AFCB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.0.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "484F93BB-E787-4277-B166-147BA89E2627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D5ECE-A527-4912-97B0-5AC318E27992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "711DC856-A791-4C5B-AEEF-C7E25E068E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "B7E3F4CE-403E-429A-B6B9-820B75343AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict:*:*:*:*:*",
"matchCriteriaId": "1C8D2CE8-4773-46E6-A1D5-2B23E49E4DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "D950D749-B476-48D0-A789-55ADD9C73B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.0:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "57D3F6C3-6616-4FC0-AD0A-A98FB8F78E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24177810-45DC-499E-B0F7-C3B9A40950B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:lite:*:*:*:*:*",
"matchCriteriaId": "F37323C6-86F8-4BE5-A00B-21366A7190BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:standalone:*:*:*:*:*",
"matchCriteriaId": "C9CA7EA8-670A-43FB-8466-C663AEEDEFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict:*:*:*:*:*",
"matchCriteriaId": "F809E8DA-49EE-4509-BBE7-4B6D39965948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "FAD9CEF2-F674-4B17-89E9-B7F7745704B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.1:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "9EA1FFA7-DED0-4B05-81BE-E2AAA1DE6F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53C79A55-90D3-4DAE-B1A2-D53116864F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:lite:*:*:*:*:*",
"matchCriteriaId": "1A9269ED-1A01-4677-B42D-95BBA6319EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:standalone:*:*:*:*:*",
"matchCriteriaId": "9C3C9655-79F1-4D66-8830-1E630C436D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict:*:*:*:*:*",
"matchCriteriaId": "FF260945-7E1E-400E-9CDE-D75498667483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "E742FC87-C5EA-4D69-9AFA-5A5AE207FE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.2:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "4DD9AD81-CDA5-4377-A9ED-67D04FECBE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1314CE-89D9-40FC-9A33-31EB3B981A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:lite:*:*:*:*:*",
"matchCriteriaId": "CAF341D6-E0D2-43F1-854E-6DCCE1BC2A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:standalone:*:*:*:*:*",
"matchCriteriaId": "D1395209-C0A8-484E-891F-9BBFAAF5C680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict:*:*:*:*:*",
"matchCriteriaId": "09CDD264-F587-43C6-B8DD-BF6F05A1D785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict-lite:*:*:*:*:*",
"matchCriteriaId": "C578396F-EFE9-49B2-8375-9DDE507D56EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.3:*:strict-standalone:*:*:*:*:*",
"matchCriteriaId": "115A93E1-7E60-4499-8E5D-0005FE01F1D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FE055D0C-E7C9-4A4D-A156-86C1B5352A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:lite:*:*:*:*:*",
"matchCriteriaId": "8075E2EB-A40F-4627-92AC-1485235691A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.4:*:standalone:*:*:*:*:*",
"matchCriteriaId": "184370F0-FB8B-470C-AD96-75CCB68D37EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39F54191-160A-456E-B049-093276C06F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:lite:*:*:*:*:*",
"matchCriteriaId": "962A7056-71F8-4BA7-8664-B29A8E9CF83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:2.1.5:*:standalone:*:*:*:*:*",
"matchCriteriaId": "929A6993-24FB-4665-8CC9-5F101A557BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3F7F1B-5F25-4092-8128-795544F386FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "F65FCFE7-4EA0-405F-AAE1-CDB9E58318F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.0.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "E6B5FBD8-2D09-4ABA-BC34-C9D9993E858E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5624C862-D4B8-4A14-AD9F-A2E80BBBEB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "EFDE4099-9E43-4A2C-865C-C397CBE92609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "C58ED5AB-F5FF-42A6-98D8-37D37D4054F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "49F1B3F5-C22C-46DD-B447-82F6E00B232A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:lite:*:*:*:*:*",
"matchCriteriaId": "3EFE0D2B-D725-4588-935E-26E424CC8C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.0:rc1:standalone:*:*:*:*:*",
"matchCriteriaId": "566EB415-EE50-4D32-81BB-58AC00FF6E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74387F7F-6E01-4F92-AE5B-A8D39DA7DE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:lite:*:*:*:*:*",
"matchCriteriaId": "4CABDC55-2753-4481-9613-5F83D2974E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.1.1:*:standalone:*:*:*:*:*",
"matchCriteriaId": "BF967A1F-4B6E-4507-8DCF-DAC87EC8E276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2924AA-FFE7-4CE3-B4D1-4CE2BB496555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "D905650B-10DD-492D-AC66-12DF313661F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.2.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "EFF61BFC-1139-47B4-82FA-9080F6F52648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "049719CC-CDB8-466C-92F5-2918ABDD97BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "9DCF286B-76D2-4E3E-B05B-DA17C3FA0D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:3.3.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "99579DB2-D08A-46A2-9CE8-9C0A06AF2BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0705143F-5A7E-4B22-8BA6-C52EC940F337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:4.0.0:*:lite:*:*:*:*:*",
"matchCriteriaId": "958E7E2C-58C0-42B5-96CB-93158EB3A185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htmlpurifier:htmlpurifier:4.0.0:*:standalone:*:*:*:*:*",
"matchCriteriaId": "FC1452C3-E3A9-490F-931D-4F173B6EFDEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D849F41F-0841-43A9-8CDC-73CBFE844CFE",
"versionEndIncluding": "1.0.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D7FB07-E62A-40FE-A7BE-C809E6460585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62BA0A1B-26BB-47B0-AA9E-5730E433675A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3362126C-F6CB-4AB8-9490-C19E43D509D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B49D797-AF1B-4F7E-A71D-AABD0F802912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18048333-3E64-4AB4-9F20-2B1B8E7AB9FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68167317-977B-48EE-9320-2A4539A93B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB25DF09-D88F-4633-9956-D64E3497153F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E32430EE-5F2B-4936-A297-2DF55CC22937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC0259C-E628-4BBA-9D97-41A130B1E741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "974F2D63-488C-41D7-A627-BF9B085A8D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E26420D4-20D8-4D6D-88B5-C74F39B88720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "321475F4-1548-4FD1-BED9-12D944388FD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F37005DE-BB31-4738-AC49-C3C2022AE8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6F03B-F449-424E-A856-5BE5FB98814F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFDC009-9CEB-450C-8704-CA73B147F220",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FECA6B74-605D-4FCD-9DC6-EDE197862E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "339D5D57-389C-4588-8347-61B69BB331B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "831676A2-1A33-4605-A5F4-97FAC8A1BB18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "84652E40-1C88-438D-BCA1-4FF4C069F9AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "08F53776-5F58-4C20-8FE7-9DF06F1704A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "D5D55D2C-E6E5-44A4-831A-3EAE5C1568CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "79228F92-00A8-4B74-A914-11BDF9641F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "9EEB3BF7-C4D3-4BB8-893F-B0FE252F0405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "3BE91ED4-EA2A-4402-813C-1A2E5B10EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "F7FB1F02-A03F-45E5-8D26-C007C10EE97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A09C63AC-15A8-4722-B18E-98A86EC8A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "62452677-EE4C-4E5E-9DD2-D11C4211DA54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDC6F32-24C0-4B5E-8338-FF85B0BBF801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "92848F08-EBFC-4579-A088-EC15D0B3EE48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D97D8A87-390E-45AC-B1B0-CFD63C7F07E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "894C07CE-BDF4-4652-9591-6DB6877582F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D278FD-9892-4B8F-BB0C-9E2323F7B9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6537E2-0A45-4CFB-82A4-5BF25E59C8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBAF369-421F-4073-90D8-C67420CD4079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB363CEB-6744-454A-88D4-D005E988ADCC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF00FF-8F66-4C6A-B88B-810F2DC96A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "ED69BC0A-7C5F-4914-8030-B8FD113AEA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "4A62AC27-3F69-4705-8C66-CBAED72A9EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "299920CB-3F4D-44C9-B0DB-E903C9DC1EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "49753C3B-2025-497A-AF5F-30949ACD0742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3E5CFB7A-3C90-4394-BECA-7C31D06A69E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "8C767369-1F19-44C7-A8E8-EEA7C52DF1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "E115E0FC-B489-4294-ACF7-59C693602AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8C9CDAB-9F01-42CE-AB1F-CC81B2D145EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "604DD0C5-7432-45AB-AA7C-F6018F2CC479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4397E8D-502A-41B5-AE03-223616BA7A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C25DD02-C589-4A65-A87D-73BB0392D964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mahara:mahara:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDB8082-B11B-4485-92AC-B7F9088D7E4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en HTML Purifier anterior v4.1.1, como el usado en Mahara y otros productos, cuando el navegador es Internet Explorer, permite a atacantes remotos inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados. \r\n"
}
],
"id": "CVE-2010-2479",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-07-06T17:17:14.717",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://htmlpurifier.org/news/2010/0531-4.1.1-released"
},
{
"source": "secalert@redhat.com",
"url": "http://repo.or.cz/w/htmlpurifier.git/commitdiff/18e538317a877a0509ae71a860429c41770da230"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39613"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40431"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.mahara.org/Release_Notes/1.0.15"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.mahara.org/Release_Notes/1.1.9"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.mahara.org/Release_Notes/1.2.5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/41259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://htmlpurifier.org/news/2010/0531-4.1.1-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://repo.or.cz/w/htmlpurifier.git/commitdiff/18e538317a877a0509ae71a860429c41770da230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.mahara.org/Release_Notes/1.0.15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.mahara.org/Release_Notes/1.1.9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.mahara.org/Release_Notes/1.2.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/41259"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-3498 (GCVE-0-2007-3498)
Vulnerability from cvelistv5
Published
2007-06-29 18:00
Modified
2024-08-07 14:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped print_r output."
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35300 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/36722 | vdb-entry, x_refsource_OSVDB | |
| http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24699 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "htmlpurifier-configform-xss(35300)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
},
{
"name": "36722",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"
},
{
"name": "24699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"unescaped print_r output.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "htmlpurifier-configform-xss(35300)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
},
{
"name": "36722",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"
},
{
"name": "24699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"unescaped print_r output.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "htmlpurifier-configform-xss(35300)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
},
{
"name": "36722",
"refsource": "OSVDB",
"url": "http://osvdb.org/36722"
},
{
"name": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS",
"refsource": "CONFIRM",
"url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"
},
{
"name": "24699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3498",
"datePublished": "2007-06-29T18:00:00",
"dateReserved": "2007-06-29T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2479 (GCVE-0-2010-2479)
Vulnerability from cvelistv5
Published
2010-07-06 17:00
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/39613 | third-party-advisory, x_refsource_SECUNIA | |
| http://wiki.mahara.org/Release_Notes/1.1.9 | x_refsource_CONFIRM | |
| http://htmlpurifier.org/news/2010/0531-4.1.1-released | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/41259 | vdb-entry, x_refsource_BID | |
| http://wiki.mahara.org/Release_Notes/1.2.5 | x_refsource_CONFIRM | |
| http://repo.or.cz/w/htmlpurifier.git/commitdiff/18e538317a877a0509ae71a860429c41770da230 | x_refsource_CONFIRM | |
| http://wiki.mahara.org/Release_Notes/1.0.15 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/40431 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39613",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39613"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mahara.org/Release_Notes/1.1.9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://htmlpurifier.org/news/2010/0531-4.1.1-released"
},
{
"name": "41259",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41259"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mahara.org/Release_Notes/1.2.5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://repo.or.cz/w/htmlpurifier.git/commitdiff/18e538317a877a0509ae71a860429c41770da230"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.mahara.org/Release_Notes/1.0.15"
},
{
"name": "40431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-07-06T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "39613",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39613"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mahara.org/Release_Notes/1.1.9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://htmlpurifier.org/news/2010/0531-4.1.1-released"
},
{
"name": "41259",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41259"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mahara.org/Release_Notes/1.2.5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://repo.or.cz/w/htmlpurifier.git/commitdiff/18e538317a877a0509ae71a860429c41770da230"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.mahara.org/Release_Notes/1.0.15"
},
{
"name": "40431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40431"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2479",
"datePublished": "2010-07-06T17:00:00Z",
"dateReserved": "2010-06-28T00:00:00Z",
"dateUpdated": "2024-08-07T02:32:16.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4183 (GCVE-0-2010-4183)
Vulnerability from cvelistv5
Published
2010-11-05 16:28
Modified
2024-09-16 18:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479.
References
| ▼ | URL | Tags |
|---|---|---|
| http://htmlpurifier.org/news/2010/0915-4.2.0-released | x_refsource_CONFIRM | |
| http://htmlpurifier.org/security/2010/css-quoting | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://htmlpurifier.org/news/2010/0915-4.2.0-released"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://htmlpurifier.org/security/2010/css-quoting"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-05T16:28:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://htmlpurifier.org/news/2010/0915-4.2.0-released"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://htmlpurifier.org/security/2010/css-quoting"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://htmlpurifier.org/news/2010/0915-4.2.0-released",
"refsource": "CONFIRM",
"url": "http://htmlpurifier.org/news/2010/0915-4.2.0-released"
},
{
"name": "http://htmlpurifier.org/security/2010/css-quoting",
"refsource": "CONFIRM",
"url": "http://htmlpurifier.org/security/2010/css-quoting"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4183",
"datePublished": "2010-11-05T16:28:00Z",
"dateReserved": "2010-11-05T00:00:00Z",
"dateUpdated": "2024-09-16T18:33:51.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}