Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-01-13T23:00:00
Updated: 2024-08-07T16:25:33.982Z
Reserved: 2006-01-13T00:00:00
Link: CVE-2006-0208
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-01-13T23:03:00.000
Modified: 2024-11-21T00:05:55.587
Link: CVE-2006-0208
Redhat