[development] filtering PHP_SELF

Chris Johnson cxjohnson at gmail.com
Tue Feb 27 12:37:28 UTC 2007

Looks to me like it is dependent on which version of PHP is being used.
Older versions running Drupal might still be vulnerable.  Using PHP 4.3.10,
I was not able to duplicate any of the example XSS attacks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20070227/aa5f2708/attachment.htm 

More information about the development mailing list