The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).
Max CVSS
5.0
EPSS Score
1.23%
Published
2010-11-10
Updated
2011-05-04
1 vulnerabilities found