Description

Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.

Remediation

References

CVE-2003-0442

Related Vulnerabilities

WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (4.0.48)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.3.2)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30156)

MySQL CVE-2020-2923 Vulnerability (CVE-2020-2923)

WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)

Severity

Medium

Classification

CVE-2003-0442

Tags

Missing Update Known Vulnerabilities