oss-sec mailing list archives
CVE id request: mahara / HTML Purifier
From: Joey Schulze <joey () infodrom org>
Date: Wed, 13 Apr 2011 15:26:25 +0200
Could we get CVE id(s) for these security problems discovered in HTML Purifier (emedded in older versions of mahara as well). Patches are attached. They originate from HTML Purifier http://htmlpurifier.org/news/2011/0327-4.3.0-released Regards, Joey -- Experience is something you don't get until just after you need it.
Attachment:
css_url_escaping.dpatch
Description:
Attachment:
font_family_attacks.dpatch
Description:
Attachment:
ie_innerhtml_backticks.dpatch
Description:
Current thread:
- CVE id request: mahara / HTML Purifier Joey Schulze (Apr 13)
- Re: CVE id request: mahara / HTML Purifier Josh Bressers (Apr 18)