Lucene search

K
osvGoogleOSV:GHSA-969F-V7JV-PGJ3
HistoryMay 04, 2024 - 9:30 p.m.

ThinkPHP Cross-Site Scripting Vulnerability

2024-05-0421:30:33
Google
osv.dev
4
thinkphp
remote attackers
discover
phpsession
cookie
error message
crafted uri
get request

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

ThinkPHP 8.0.3 allows remote attackers to exploit XSS due to inadequate filtering of function argument values in think_exception.tpl.

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for OSV:GHSA-969F-V7JV-PGJ3