diff -r 80c903b0ec9c -r 59fee40b4644 includes/functions.php
--- a/includes/functions.php	Mon Dec 28 12:19:47 2009 -0500
+++ b/includes/functions.php	Mon Dec 28 16:52:41 2009 -0500
@@ -1852,8 +1852,8 @@
   // Vulnerability reported by fuzion from nukeit.org:
   // XSS in closing HTML tag style attribute
   // Fix: escape all closing tags with non-whitelisted characters
-  $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '&lt;/\\1&gt;', $html);
-
+  $html = preg_replace('!</((?:[^>]*)([^a-z0-9_:>-]+)(?:[^>]*))>!i', '&lt;/\\1&gt;', $html);
+  
   // Restore stripped comments
   $i = 0;
   foreach ( $comment_match[0] as $comment )
@@ -1870,8 +1870,9 @@
     $i++;
   }
 
+  // debug
+  // return '<pre>' . htmlspecialchars($html) . '</pre>';
   return $html;
-
 }
 
 /**