Description PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. Remediation References CVE-2017-9118 Related Vulnerabilities WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5488) WordPress Plugin The Sorter SQL Injection (1.0) Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29051) WordPress Plugin Direct Download for Woocommerce Arbitrary File Download (1.15) WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023) Severity High Classification CVE-2017-9118 CWE-125 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Tags Missing Update Known Vulnerabilities