CVE-2025-43717

MEDIUM Year: 2025
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-531
View all →

Vulnerability Description

In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to XSS.

Related Vulnerabilities

CVE-2024-42213

MEDIUM
CVSS:5.3(Medium)

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misc...

CWE-5312024

CVE-2024-42213

MEDIUM
CVSS:5.3(Medium)

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misc...

CWE-5312024