Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-5712 - Vulnerability Database
PHP

PHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-5712

Medium
Reference: CVE-2018-5712
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-5712
Title: PHP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

An issue was discovered in PHP before 5.6.33 7.0.x before 7.0.27 7.1.x before 7.1.13 and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.