7.1 High
AI Score
Confidence
High
Zend_Dojo_View_Helper_Editor was incorrectly decorating a TEXTAREA instead of a DIV. The Dojo team has reported that this has security implications as the rich text editor they use is unable to escape content for a TEXTAREA.
Zend_Dojo_View_Helper_Editor
framework.zend.com/security/advisory/ZF2010-02
github.com/FriendsOfPHP/security-advisories/blob/master/zendframework/zendframework1/ZF2010-02.yaml
github.com/zendframework/zf1