The output_add_rewrite_var function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote malicious users to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID.
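One way to check rendered pages for the condition described above: forms whose ACTION points off-site yet carry a hidden session field. This is an added example, not code from PHP or from this advisory; the field name `PHPSESSID`, the host names and the sample markup are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class FormLeakAuditor(HTMLParser):
    """Collect forms whose ACTION leaves the site yet carry a session-style hidden field."""
    def __init__(self, local_host, secret_names):
        super().__init__()
        self.local_host = local_host.lower()
        self.secret_names = {n.lower() for n in secret_names}
        self.current_action = None   # action of the open form, set only if non-local
        self.findings = []           # (action, field name) pairs

    def _is_local(self, action):
        # Relative URLs and empty actions have no host and post back to the site.
        # Scheme-relative URLs ("//host/path") do carry a host and are checked.
        host = urlsplit(action).hostname
        return host is None or host.lower() == self.local_host

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            action = a.get("action") or ""
            self.current_action = None if self._is_local(action) else action
        elif tag == "input" and self.current_action is not None:
            name = (a.get("name") or "").lower()
            if (a.get("type") or "").lower() == "hidden" and name in self.secret_names:
                self.findings.append((self.current_action, a.get("name")))

    def handle_endtag(self, tag):
        if tag == "form":
            self.current_action = None

def audit(html, local_host, secret_names=("PHPSESSID",)):
    """Return (action, field) pairs for session fields placed in non-local forms."""
    auditor = FormLeakAuditor(local_host, secret_names)
    auditor.feed(html)
    return auditor.findings

# Constructed sample of rendered output; hosts and the session value are made up.
SAMPLE = """
<form action="/login.php" method="post">
  <input type="hidden" name="PHPSESSID" value="constructed0123" />
</form>
<form action="http://search.example.net/q" method="get">
  <input type="hidden" name="PHPSESSID" value="constructed0123" />
</form>
<form action="//cdn.example.org/upload">
  <input type="hidden" name="PHPSESSID" value="constructed0123" />
</form>
"""
```

Calling `audit(SAMPLE, "www.example.com")` reports the two off-site forms and ignores the local one.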
Vulnerable Product |
---|
php php |