PHP 4 PHPInfo Cross-Site Scripting Vulnerability

ID SSV:76523
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Scripts that include the PHP phpinfo() debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visit the malicious link.[code]

where [code] equals hostile HTML or script code.