CVE 2010-2479
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Related bugs and status
CVE-2010-2479 (Candidate) is related to these bugs:
Bug #571505: XSS in HTML purifier 3.0.0 and 4.0.0
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 571505 | XSS in HTML purifier 3.0.0 and 4.0.0 | Mahara | Critical | Fix Released | ||
| 571505 | XSS in HTML purifier 3.0.0 and 4.0.0 | Mahara 1.0 | Critical | Fix Released | ||
| 571505 | XSS in HTML purifier 3.0.0 and 4.0.0 | Mahara 1.1 | Critical | Fix Released | ||
Bug #582576: XSS in HTML purifier 3.0.0 and 4.0.0
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 582576 | XSS in HTML purifier 3.0.0 and 4.0.0 | php-htmlpurifier (Ubuntu) | Undecided | Fix Released | ||
| 582576 | XSS in HTML purifier 3.0.0 and 4.0.0 | php-htmlpurifier (Ubuntu Karmic) | Undecided | Fix Released | ||
| 582576 | XSS in HTML purifier 3.0.0 and 4.0.0 | php-htmlpurifier (Ubuntu Lucid) | Undecided | Fix Released | ||
| 582576 | XSS in HTML purifier 3.0.0 and 4.0.0 | php-htmlpurifier (Ubuntu Maverick) | Undecided | Fix Released | ||
Bug #602772: Sync mahara 1.2.5-1 (universe) from Debian unstable (main)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 602772 | Sync mahara 1.2.5-1 (universe) from Debian unstable (main) | mahara (Ubuntu) | Wishlist | Fix Released | ||
| 602772 | Sync mahara 1.2.5-1 (universe) from Debian unstable (main) | mahara (Ubuntu Jaunty) | Undecided | Fix Released | ||
| 602772 | Sync mahara 1.2.5-1 (universe) from Debian unstable (main) | mahara (Ubuntu Karmic) | Undecided | Fix Released | ||
| 602772 | Sync mahara 1.2.5-1 (universe) from Debian unstable (main) | mahara (Ubuntu Lucid) | Undecided | Fix Released | ||
| 602772 | Sync mahara 1.2.5-1 (universe) from Debian unstable (main) | mahara (Ubuntu Maverick) | Wishlist | Fix Released | ||
Bug #640572: Please Merge Moodle 1.9.4 in Maverick with Debian Unstable 1.9.9 - active security vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 640572 | Please Merge Moodle 1.9.4 in Maverick with Debian Unstable 1.9.9 - active security vulnerability | moodle (Ubuntu) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
