PHP 7.1.x < 7.1.22 Transfer-Encoding Parameter XSS Vulnerability

medium Nessus Plugin ID 117499

Version 1.11

Nov 22, 2024, 4:32 PM

  • Plugin metadata (remove script_exclude_keys for CGI scanning)

Plugin Feed: 202411221632

Version 1.10

Aug 7, 2024, 7:05 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202408070705

Version 1.9

May 28, 2024, 5:14 PM

  • Required Scan configuration ("Enable cgi scanning" set to "True")

Plugin Feed: 202405281714

* Changelogs are generally available for changes made after Nov 1, 2022