CVE-2007-3708
CodeIgniter 1.5.3 before 20070626 is affected by a cross-site scripting (XSS) vulnerability due to insufficient sanitization in the xss_clean function. The issue allows remote attackers to inject arbitrary script/HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an un...