CVE-2013-4891

The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt