VYPR
Medium severity5.4NVD Advisory· Published Apr 17, 2025· Updated Apr 15, 2026

CVE-2025-43717

CVE-2025-43717

Description

In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to XSS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pear/http_request2Packagist
< 2.7.02.7.0

Affected products

1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.