HTML-Scrubber 0.14 Deleted
Security Advisories
CVE-2015-5667
Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment.
- http://jvn.jp/en/jp/JVN53973084/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000171
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172997.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172983.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172934.html
Fixed version: >=0.15
Reported: 2015-10-31
Kwalitee Issues
This is not the latest release. The following issues may have already been fixed in the newer releases.
No Core Issues.
- no_unauthorized_packages
-
Ask the owner of the distribution (the one who released it first, or the one who is designated in x_authority) to give you a (co-)maintainer's permission.
Error:
- HTML::Scrubber
Modules
Name | Abstract | Version | View |
---|---|---|---|
HTML::Scrubber | Perl extension for scrubbing/sanitizing html | 0.14 | metacpan |