|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2010-06-26 12:14 UTC] staff at humaninternals dot com
-Package: Output Control
+Package: Unknown/Other Function
-PHP Version: 5.3SVN-2010-06-26 (snap)
+PHP Version: 5.3.0
[2010-06-26 12:14 UTC] staff at humaninternals dot com
[2010-06-26 12:19 UTC] pajoye@php.net
-Status: Open
+Status: Bogus
[2010-06-26 12:19 UTC] pajoye@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2026 The PHP GroupAll rights reserved. |
Last updated: Mon Feb 16 09:00:01 2026 UTC |
Description: ------------ I have currently tested this on PHP 5.3.0 on a Windows XP environment. Although it is unlikely that this type of data will be from user input but consider the test script. When an undefined index notice occurs the index itself is not sanitized allowing for XSS type attacks. Again it is very unlikely that this should come from user input but it is possible. Test script: --------------- error_reporting(E_ALL | E_STRICT); $a = array(); echo $a['<script>alert("A")</script>']; Expected result: ---------------- Notice: Undefined index: <script>alert("A")</script> in ...file... Actual result: -------------- Notice: Undefined index: in ...file... And a script alert popup.