PHP 7.1.x < 7.1.22 Transfer-Encoding Parameter XSS Vulnerability
Medium Nessus Plugin ID 117499
SynopsisThe version of PHP running on the remote web server is affected by a cross-site scripting vulnerability.
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.22. It is, therefore, affected by a cross-site scripting vulnerability. An attacker could leverage this vulnerability to inject malicious code which executes within the security context of the affected site.
SolutionUpgrade to PHP version 7.1.22 or later.