CVE-2005-1638 Information

Description

The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.

Reference

http://pixel-apes.com/safehtml/feed http://secunia.com/advisories/15371 http://www.osvdb.org/16612