CVE-2013-4891

Published February 21st, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.

bcit-ci/CodeIgniter

Open Source PHP Framework (originally from EllisLab)

GitHub

18.2K