PHP 7.0.x < 7.0.32 Transfer-Encoding Parameter XSS Vulnerability
Medium Nessus Plugin ID 117498
SynopsisThe version of PHP running on the remote web server is affected by a cross-site scripting vulnerability.
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.32. It is, therefore, affected by a cross-site scripting vulnerability. An attacker could leverage this vulnerability to inject malicious code which executes within the security context of the affected site.
SolutionUpgrade to PHP version 7.0.32 or later.