New Search

PH Cross-site Scripting Vulnerability

oval:org.mitre.oval:def:485

Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Linux 9
Class:
vulnerability
Reference(s):
  • CVE-2003-0442
Product(s):
  • php