Package : libhtml-scrubber-perl Version : 0.08-4+deb6u1 CVE ID : CVE-2015-5667 Debian bug : 803943 HTML::Scrubber is vulnerable to a cross-site scripting (XSS) vulnerability when the comment feature is enabled. It allows remote attackers to inject arbitrary web script or HTML via a crafted comment. For Debian 6 squeeze, this has been fixed in libhtml-scrubber-perl version 0.08-4+deb6u1. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: PGP signature