HTML-Scrubber 0.08
Security Advisories
CVE-2015-5667
Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment.
- http://jvn.jp/en/jp/JVN53973084/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000171
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172997.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172983.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172934.html
Fixed version: >=0.15
Reported: 2015-10-31
Kwalitee Issues
- no_files_to_be_skipped
-
Fix MANIFEST.SKIP or use an authoring tool which respects MANIFEST.SKIP. Note that each entry in MANIFEST.SKIP is a regular expression. You may need to add appropriate meta characters not to ignore necessary stuff.
Error: MANIFEST.SKIP,t/01_use.t,t/02_basic.t,t/03_more.t,t/04_style_script.t,t/05_pi_comment.t,t/06_scrub_file.t,t/07_booleans.t
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: HTML::Scrubber
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
Modules
Name | Abstract | Version | View |
---|---|---|---|
HTML::Scrubber | Perl extension for scrubbing/sanitizing html | 0.08 | metacpan |