Description

Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.

Remediation

References

CVE-2003-0442

Related Vulnerabilities

WordPress Improper Restriction of XML External Entity Reference Vulnerability (CVE-2021-29447)

WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.9.7)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0335)

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3663)

WordPress Plugin WP Portfolio Gallery Cross-Site Scripting (1.0.0)

Severity

Medium

Classification

CVE-2003-0442

Tags

Missing Update Known Vulnerabilities