Download
| Alert*
|
oval:org.secpod.oval:def:93203
libhtml-stripscripts-perl: module for removing scripts from HTML HTML::StripScripts could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:610376 Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes. oval:org.secpod.oval:def:125832 This module strips scripting constructs out of HTML, leaving as much non- scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS vulnerabilities. oval:org.secpod.oval:def:89340 Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes. oval:org.secpod.oval:def:125830 This module strips scripting constructs out of HTML, leaving as much non- scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS vulnerabilities. oval:org.secpod.oval:def:708181 libhtml-stripscripts-perl: module for removing scripts from HTML HTML::StripScripts could be made to crash if it received specially crafted input. |
