Description
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
Remediation
References
Related Vulnerabilities
MongoDb Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6494)
Oracle Database Server CVE-2022-21247 Vulnerability (CVE-2022-21247)
WordPress Plugin Profile Extra Fields by BestWebSoft Cross-Site Scripting (1.0.7)
WordPress Plugin WP Responsive Testimonials Slider And Widget Cross-Site Scripting (1.5)