Fix #4475

1 files changed, 8 insertions, 1 deletions

diff --git a/system/core/Security.php b/system/core/Security.php
index bad511dd3..d5305d1ca 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -762,7 +762,14 @@ class CI_Security {
 	 */
 	public function strip_image_tags($str)
 	{
-		return preg_replace(array('#<img[\s/]+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img[\s/]+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+		return preg_replace(
+			array(
+				'#<img[\s/]+.*?src\s*=\s*(["\'])([^\\1]+?)\\1.*?\>#i',
+				'#<img[\s/]+.*?src\s*=\s*?(([^\s"\'=<>`]+)).*?\>#i'
+			),
+			'\\2',
+			$str
+		);
 	}
 
 	// ----------------------------------------------------------------