{"id":"CVE-2008-5185","details":"The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using \"\u003c\".","modified":"2026-01-27T04:09:21.597915Z","published":"2008-11-21T02:30:00Z","withdrawn":"2026-01-27T04:09:21.597915Z","references":[{"type":"WEB","url":"http://geshi.svn.sourceforge.net/viewvc/geshi/trunk/geshi-1.0.X/src/geshi.php?r1=1321&r2=1322&view=patch"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2008/11/20/4"},{"type":"WEB","url":"http://www.securityfocus.com/bid/32377"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46769"}],"schema_version":"1.7.3"}