Package details: pkg:composer/codeigniter/framework@3.0.3
purl pkg:composer/codeigniter/framework@3.0.3
Next non-vulnerable version 3.1.0
Latest non-vulnerable version 3.1.10
Risk
Vulnerabilities affecting this package (1)
Vulnerability: VCID-a6px-3qen-euct
Aliases: GMS-2016-55
Summary: Critical SQL injection bug in the ODBC database driver. There's a critical SQL injection bug in the ODBC database driver.
Fixed by: 3.1.0 (affected by 0 other vulnerabilities)
Vulnerabilities fixed by this package (3)
Vulnerability: VCID-8wbz-we3g-x3ep
Aliases: GMS-2015-65
Summary: Cross-site Scripting. XSS attack vector in Security Library method `xss_clean()`.

Vulnerability: VCID-gubk-qp7e-h7f4
Aliases: GMS-2015-40
Summary: XSS vulnerability. There's an XSS attack vector in Security Library method `xss_clean()`.

Vulnerability: VCID-jn5c-h7cd-skfq
Aliases: GHSA-q9j3-4ghj-6h57
Summary: Inadequate XSS Prevention in CodeIgniter/Framework Security Library. The xss_clean() method in the Security Library of CodeIgniter/Framework, specifically in versions before 3.0.3, exhibited a vulnerability that allowed certain Cross-Site Scripting (XSS) vectors to bypass its intended protection mechanisms. The xss_clean() method is designed to sanitize input data by removing potentially malicious content, thus preventing XSS attacks. However, in versions prior to 3.0.3, it was discovered that the method did not adequately mitigate specific XSS vectors, leaving a potential security gap.