Description

The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID.

Remediation

References

CVE-2007-5899

Related Vulnerabilities

WordPress Plugin File Manager Unspecified Vulnerability (4.1.4)

WordPress Plugin SportsPress-Sports Club & League Manager Cross-Site Scripting (2.7.1)

WebLogic Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-2725)

WordPress Plugin Eventr SQL Injection (1.02.2)

Oracle HTTP Server CVE-2014-0098 Vulnerability (CVE-2014-0098)

Severity

Medium

Classification

CVE-2007-5899 CWE-200

Tags

Missing Update Known Vulnerabilities