FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

codeigniter -- multiple vulnerabilities

Affected packages
codeigniter < 2.2.6

Details

VuXML ID 698403a7-803d-11e5-ab94-002590263bf5
Discovery 2015-10-31
Entry 2015-11-01

The CodeIgniter changelog reports:

Fixed an XSS attack vector in Security Library method xss_clean().

Changed Config Library method base_url() to fallback to ``$_SERVER['SERVER_ADDR']`` in order to avoid Host header injections.

Changed CAPTCHA Helper to try to use the operating system's PRNG first.

[source]

References

FreeBSD PR ports/203403
URL https://codeigniter.com/userguide2/changelog.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.