Impact
Cross-Site Scripting (XSS) vulnerability was found in API\ResponseTrait in Codeigniter4.
Attackers can do XSS attacks if you are using API\ResponseTrait.
Patches
Upgrade to v4.1.8 or later.
Workarounds
Do one of the following:
- Do not use
API\ResponseTrait nor ResourceController
- Disable Auto Route and Use Defined Routes Only
References
For more information
If you have any questions or comments about this advisory:
Impact
Cross-Site Scripting (XSS) vulnerability was found in
API\ResponseTraitin Codeigniter4.Attackers can do XSS attacks if you are using
API\ResponseTrait.Patches
Upgrade to v4.1.8 or later.
Workarounds
Do one of the following:
API\ResponseTraitnorResourceControllerReferences
For more information
If you have any questions or comments about this advisory: