### [CVE-2018-5712](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

### POC

#### Reference
- https://www.oracle.com/security-alerts/cpuapr2020.html

#### Github
No PoCs found on GitHub currently.