Описание
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| phpmyadmin | fixed | 4:2.6.4-pl4-1 | package |
Примечания
https://www.phpmyadmin.net/security/PMASA-2005-7/
https://github.com/phpmyadmin/phpmyadmin/commit/0191fc3c33feb809cf668f018ad53dc35061fe4c
https://github.com/phpmyadmin/phpmyadmin/commit/2e5c10aa2fc10fb1004aac7db78ebdaac21b9220
https://github.com/phpmyadmin/phpmyadmin/commit/053d90b6019959c3a503d6b12b9cd23dc31df2be
EPSS
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via (1) the cookie-based login panel, (2) the title parameter and (3) the table creation dialog.
EPSS