FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

codeigniter -- multiple vulnerabilities

Affected packages
codeigniter < 2.2.2

Details

VuXML ID c21f4e61-6570-11e5-9909-002590263bf5
Discovery 2015-04-15
Entry 2015-09-28

The CodeIgniter changelog reports:

Security: Added HTTP "Host" header character validation to prevent cache poisoning attacks when base_url auto-detection is used.

Security: Added FSCommand and seekSegmentTime to the "evil attributes" list in CI_Security::xss_clean().

References

FreeBSD PR ports/203401
URL https://codeigniter.com/userguide2/changelog.html