[2010-06-26 12:14 UTC] staff at humaninternals dot com
-Package: Output Control
+Package: Unknown/Other Function
-PHP Version: 5.3SVN-2010-06-26 (snap)
+PHP Version: 5.3.0
[2010-06-26 12:19 UTC] pajoye@php.net
-Status: Open
+Status: Bogus
Description:
------------
I have currently tested this on PHP 5.3.0 in a Windows XP environment. Although it is unlikely that this type of data will come from user input, consider the test script. When an undefined index notice occurs, the index itself is not sanitized, allowing for XSS-type attacks. Again, it is very unlikely that this should come from user input, but it is possible.

Test script:
---------------
<?php
error_reporting(E_ALL | E_STRICT);
$a = array();
echo $a['<script>alert("A")</script>'];

Expected result:
----------------
Notice: Undefined index: <script>alert("A")</script> in ...file...

Actual result:
--------------
Notice: Undefined index: in ...file...

And a script alert popup.
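
One way to keep the notice text from the report above out of the page as live markup, as an added example that is not part of the original report or of PHP itself: engine output is switched off, diagnostics are logged, and any copy shown in the page is HTML-escaped first. The names SHOW_DIAGNOSTICS_IN_PAGE, render_diagnostic, log_safe and escaping_error_handler are hypothetical, and PHP 5.4 or later is assumed for ENT_SUBSTITUTE.

```php
<?php
// Added example, not from the bug report. Assumes PHP 5.4+ (ENT_SUBSTITUTE).
error_reporting(E_ALL);
ini_set('display_errors', '0'); // the engine itself prints nothing into the page
ini_set('log_errors', '1');     // diagnostics go to the configured error log

// Hypothetical switch: true only on a developer machine.
define('SHOW_DIAGNOSTICS_IN_PAGE', true);

// Build the message as inert HTML text: markup in $errstr (such as an
// attacker-influenced array index) is shown literally, never interpreted.
function render_diagnostic($errno, $errstr, $errfile, $errline)
{
    $text = sprintf('PHP diagnostic [%d]: %s in %s on line %d',
                    $errno, $errstr, $errfile, $errline);
    return '<pre>'
        . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . "</pre>\n";
}

// Replace control characters so a crafted index cannot forge extra log lines.
function log_safe($errstr)
{
    return preg_replace('/[\x00-\x1F\x7F]/', '?', $errstr);
}

function escaping_error_handler($errno, $errstr, $errfile, $errline)
{
    if (!(error_reporting() & $errno)) {
        return false; // level is masked out (or silenced with @): leave it to PHP
    }
    error_log(sprintf('[%d] %s in %s:%d',
                      $errno, log_safe($errstr), $errfile, $errline));
    if (SHOW_DIAGNOSTICS_IN_PAGE) {
        echo render_diagnostic($errno, $errstr, $errfile, $errline);
    }
    return true; // handled: PHP's built-in, unescaped output is skipped
}

set_error_handler('escaping_error_handler');

// The report's test case: the diagnostic now reaches the browser escaped.
$a = array();
echo $a['<script>alert("A")</script>'];
```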