[eluser]WebMada[/eluser]
Hello!
I am using CI 2.0.2 and even if i set $config['global_xss_filtering'] = TRUE, my site stays vulnerable according to security scanners, but another site with CI 1.7 appears safe!
So, I think there is a regression between 1.7 to 2.0???
I have to use directly
$this->security->xss_clean() for watching the filtering working!
Another remark: in 1.7, using $this->input->post() protects us from sql injection but now in 2.0, it isn't! Is this also a bug?