PEAR HTTP_Request2 Cross-Site Scripting Vulnerability in Test Files

Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in PEAR HTTP_Request2 versions prior to 2.7.0. This issue arises from multiple files in the tests directory, particularly tests/_network/getparameters.php and tests/_network/postparameters.php, which reflect any GET or POST parameters without proper sanitization.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, install a PEAR HTTP_Request2 package version prior to 2.7.0 on a server. Then ensure that the files in the '_network' directory are served by a web server, either by copying them to a directory under the server's document root or by creating a symbolic link to them. Once the files are accessible, send a request to 'getparameters.php' or 'postparameters.php' with the desired parameters. The response reflects the parameters without HTML encoding, which is the XSS condition. After the vulnerability is reproduced, the test files can be removed or the server can be taken down.

Remediation

Users can upgrade to PEAR HTTP_Request2 version 2.7.0 or later, where this vulnerability has been fixed.
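The reflected-parameter defect described above, shown as a constructed illustration beside a hardened form. This is added example code, not the contents of the package's tests/_network/*.php files and not the upstream 2.7.0 patch; the function names are hypothetical.

```php
<?php
// Constructed illustration of the reflected-parameter pattern from the
// advisory. Not the real HTTP_Request2 test files; names are hypothetical.

// Vulnerable pattern: every request parameter is echoed back verbatim, so a
// value containing markup is parsed by the browser as HTML/script.
function reflectParametersUnsafe(array $params): string
{
    $out = '';
    foreach ($params as $name => $value) {
        $text = is_scalar($value) ? (string) $value : json_encode($value);
        $out .= "$name => $text\n";
    }
    return $out;
}

// Hardened pattern: encode each name and value for an HTML text context and
// declare the charset, so reflected input is displayed as text, not parsed.
function reflectParametersSafe(array $params): string
{
    $out = '';
    foreach ($params as $name => $value) {
        $text = is_scalar($value) ? (string) $value : json_encode($value);
        $out .= htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
              . ' => '
              . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
              . "\n";
    }
    return $out;
}

// Serve the encoded form only. $_GET + $_POST keeps the GET value when a
// key appears in both; cookies are deliberately not included.
header('Content-Type: text/html; charset=UTF-8');
echo '<pre>' . reflectParametersSafe($_GET + $_POST) . "</pre>\n";
```

Output encoding fixes the reflection, but the more robust control is the one the reproduction steps imply: a package's tests directory should never be reachable under the web server's document root in the first place.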

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.4
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.