OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
PHP Trans SID XSS (Was: New php release with security fixes)

From: Sverre H. Huseby (shhthathost.com)
Date: Fri May 30 2003 - 07:41:53 CDT


It also fixes the following, which wasn't mentioned in the summary (or
elsewhere, as far as I can see):

  "Cross-site Scripting in PHP's Transparent Session ID Support"
   http://shh.thathost.com/secadv/2003-05-11-php.txt

Sverre.

--
shhthathost.com
http://shh.thathost.com/