CVE-2005-1638

2005-05-1704:00:00

mitre

www.cve.org

safehtml

cross-site scripting

remote attackers

attribute values

AI Score

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON

The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.

References

pixel-apes.com/safehtml/feed

secunia.com/advisories/15371

www.osvdb.org/16612