2 matches found
CVE-2005-1638
The writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting XSS vulnerabilities in applications that rely on SafeHTML for protection...
CVE-2005-1638
The vulnerability CVE-2005-1638 affects the SafeHTML library, with the _writeAttrs function failing to properly quote attribute values. This mis-handling can enable cross-site scripting (XSS) in applications that rely on SafeHTML for protection. Affected: SafeHTML prior to 1.3.2. Root cause: insu...