[MEDIUM] Potential XSS and Open Redirect vectors in zend-diactoros

PKSA-bxdp-npw4-xhsq CVE-2015-3257 GHSA-rh3c-7wqx-6w95

Affected package: zendframework/zend-diactoros

Affected version: >=1.0.0,<1.0.4

Reported by:
GitHub, FriendsOfPHP/security-advisories