Description
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.
Remediation
References
Related Vulnerabilities
WordPress Plugin File Manager Advanced Shortcode Arbitrary File Upload (2.5.3)
Spring Cloud Gateway Improper Certificate Validation Vulnerability (CVE-2022-22946)
WordPress Plugin Slider by 10Web-Responsive Image Slider Cross-Site Request Forgery (1.2.22)
WordPress Plugin Xorbin Analog Flash Clock Cross-Site Scripting (1.0)