An issue exists in PHP prior to 5.6.33, 7.0.x prior to 7.0.27, 7.1.x prior to 7.1.13, and 7.2.x prior to 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php 7.2.0 |
||
php php |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 17.10 |