CVE-2018-19785

Name of the Vulnerable Software and Affected Versions PHP-Proxy versions prior to 5.1.0 PHP-Proxy-App versions prior to 3.0

Description The issue is related to insufficient protection of the web page structure in the index.php component of the PHP-Proxy web proxy script, allowing a remote attacker to perform cross-site scripting (XSS) attacks via the URL field in index.php.

Recommendations For PHP-Proxy versions prior to 5.1.0, update to version 5.1.0 or later to resolve the issue. For PHP-Proxy-App versions prior to 3.0, update to version 3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the URL field in index.php to minimize the risk of exploitation.