Description
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
Remediation
References
Related Vulnerabilities
Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.2.4)
ownCloud Improper Authentication Vulnerability (CVE-2020-10254)
Liferay Portal Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)