Description
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.
Remediation
References
Related Vulnerabilities
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11111)
phpBB CVE-2010-1630 Vulnerability (CVE-2010-1630)
WordPress Plugin GNU-Mailman Integration Cross-Site Scripting (1.0.6)
WordPress Plugin Slideshow Gallery LITE Multiple Cross-Site Scripting Vulnerabilities (1.6.5)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333)