vulnerability
FreeBSD: VID-71ebbc50-01c1-11e7-ae1b-002590263bf5: codeigniter -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:N) | Mar 5, 2017 | Mar 6, 2017 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:N)
Published
Mar 5, 2017
Added
Mar 6, 2017
Modified
Dec 10, 2025
Description
The CodeIgniter changelog reports: Fixed an XSS vulnerability in Security Library method xss_clean(). Fixed a possible file inclusion vulnerability in Loader Library method vars(). Fixed a possible remote code execution vulnerability in the Email Library when ‘mail’ or ‘sendmail’ are used (thanks to Paul Buonopane from NamePros). Added protection against timing side-channel attacks in Security Library method csrf_verify(). Added protection against BREACH attacks targeting the CSRF token field generated by Form Helper function form_open().
Solution
freebsd-upgrade-package-codeigniter
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.