Description

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Remediation

References

CVE-2007-5898

Related Vulnerabilities

Ruby on Rails CVE-2019-5418 Vulnerability (CVE-2019-5418)

LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)

MySQL CVE-2019-2747 Vulnerability (CVE-2019-2747)

Oracle HTTP Server CVE-2013-5704 Vulnerability (CVE-2013-5704)

SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1595)

Severity

Medium

Classification

CVE-2007-5898

Tags

Missing Update Known Vulnerabilities