CVE-2021-43698

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/phpwhois/phpwhois

Identifiers

CVE-2021-43698

Package Slug

packagist/phpwhois/phpwhois

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

PhpWhois is affected by a Cross Site Scripting (XSS) vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message contains the result of the $_GET['query'] leading to an XSS vulnerability.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-11-30

source