Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Input Validation Vulnerability (CVE-2010-3870)

Description

CVE-2010-3870 php: XSS mitigation bypass via utf8_decode()

Remediation

References

Related Vulnerabilities

WordPress Plugin Simple Business Directory with Maps PHP Object Injection (3.6.0)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.5)

WordPress Plugin Admin side data storage for Contact Form 7 Cross-Site Scripting (1.1.1)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5204)

Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)

Severity

Medium

Classification

CVE-2010-3870 CWE-20

Tags

Missing Update Known Vulnerabilities