← back
CVE-2018-5712

CVE-2018-5712

EPSS 80.3%
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://php.net/ChangeLog-5.phphttp://php.net/ChangeLog-7.phphttps://access.redhat.com/errata/RHSA-2018:1296https://access.redhat.com/errata/RHSA-2019:2519https://bugs.php.net/bug.php?id=74782https://lists.debian.org/debian-lts-announce/2018/01/msg00025.htmlhttps://usn.ubuntu.com/3566-1/https://usn.ubuntu.com/3600-1/https://usn.ubuntu.com/3600-2/https://www.oracle.com/security-alerts/cpuapr2020.htmlhttp://www.securityfocus.com/bid/102742http://www.securityfocus.com/bid/104020