Fedora Account System
Red Hat Associate
Red Hat Customer
tracking bug +++ This bug was initially created as a clone of Bug #172212 +++ Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." http://www.hardened-php.net/advisory_182005.77.html This issue should also affect FC3
Fixed in Raw Hide with update to 5.1.1.