Cross-site Scripting (XSS)
laminas/laminas-diactoros is vulnerable to cross-site scripting. The vulnerability exists in the fromGlobals function in IncomingRequestFactory.php due to insufficient sanitization in the ServerRequest which allows an attacker to modify server request from x forwarded header via the request paylo...