Hash Length Extension in HTMLPurifier

2013-09-03T00:00:00
ID PT-2013-63
Type ptsecurity
Reporter Positive Technologies
Modified 2013-12-04T00:00:00

Description

PT-2013-63: Hash Length Extension in HTMLPurifier

Fix date:

                    November 30, 2013

Vector: Remote

Systems affected: HTML Purifier 4.x

Vendor: HTMLPurifier

Notification status: 03.09.2013 - Vendor gets vulnerability details 30.11.2013 - Vendor releases fixed version and details  04.12.2013 - Public disclosure