PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability
Medium Nessus Plugin ID 117500
SynopsisThe version of PHP running on the remote web server is affected by a cross-site scripting vulnerability.
DescriptionAccording to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.10. It is, therefore, affected by a cross-site scripting vulnerability. An attacker could leverage this vulnerability to inject malicious code which executes within the security context of the affected site.
SolutionUpgrade to PHP version 7.2.10 or later.