Improve GHSA-6fh7-fwqj-mv49

github · Oct 28, 2024 · cd44292 · cd44292
1 parent 732bf70
commit cd44292
Showing 1 changed file with 25 additions and 2 deletions.
diff --git a/advisories/unreviewed/2022/05/GHSA-6fh7-fwqj-mv49/GHSA-6fh7-fwqj-mv49.json b/advisories/unreviewed/2022/05/GHSA-6fh7-fwqj-mv49/GHSA-6fh7-fwqj-mv49.json
@@ -1,17 +1,36 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6fh7-fwqj-mv49",
-  "modified": "2022-05-01T18:14:25Z",
+  "modified": "2023-01-31T05:04:04Z",
   "published": "2022-05-01T18:14:25Z",
   "aliases": [
     "CVE-2007-3498"
   ],
+  "summary": "XSS vulnerability in HTML Purifier",
   "details": "Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"unescaped print_r output.\"",
   "severity": [
 
   ],
   "affected": [
-
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "ezyang/htmlpurifier"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "< 2.0.1"
+      }
+    }
   ],
   "references": [
     {
@@ -22,6 +41,10 @@
       "type": "WEB",
       "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35300"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/ezyang/htmlpurifier"
+    },
     {
       "type": "WEB",
       "url": "http://htmlpurifier.org/svnroot/htmlpurifier/tags/2.0.1/NEWS"