Medium
CVSS 6.4
Overview
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
CVE-2007-5898
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 acce...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 6.4 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.