Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different vulnerability than CVE-2010-2479.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HTML Purifier多个跨站脚本攻击漏洞
Vulnerability Description
HTML Purifier是一个用于移除所有恶意代码(XSS)并确保页面遵循W3C的标准规范的PHP类库。 HTML Purifier 4.1.0之前版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助特制的(1)background-image,(2)background,或者(3)font-family层叠样式表(CSS)属性注入任意web脚本或者HTML。
CVSS Information
N/A
Vulnerability Type
N/A