Your submission was sent successfully! Close

CVE-2006-0208

Published: 13 January 2006

Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.

Priority

Unknown

Status

Package Release Status
php4
Launchpad, Ubuntu, Debian
Upstream Needs triage

php5
Launchpad, Ubuntu, Debian
Upstream Needs triage