Zend/Diactoros/Uri::filterPath in zend-diactoros prior to 1.0.4 does not properly sanitize path input, which allows remote malicious users to perform cross-site scripting (XSS) or open redirect attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zend diactoros |