github · advisory-database · Oct 29, 2024 · Oct 28, 2024
diff --git a/advisories/unreviewed/2022/05/GHSA-jw86-5cjf-mv79/GHSA-jw86-5cjf-mv79.json b/advisories/unreviewed/2022/05/GHSA-jw86-5cjf-mv79/GHSA-jw86-5cjf-mv79.json
@@ -1,23 +1,46 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jw86-5cjf-mv79",
-  "modified": "2022-05-17T05:31:55Z",
+  "modified": "2023-01-28T05:04:06Z",
   "published": "2022-05-17T05:31:55Z",
   "aliases": [
     "CVE-2011-3744"
   ],
+  "summary": "HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information",
   "details": "HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files.",
   "severity": [
 
   ],
   "affected": [
-
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "ezyang/htmlpurifier"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "4.0.2"
+            }
+          ]
+        }
+      ]
+    }
   ],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3744"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/ezyang/htmlpurifier"
+    },
     {
       "type": "WEB",
       "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"