CVE-2018-19970

Опубликовано: 11 дек. 2018

Источник: debian

EPSS Низкий

Описание

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:4.9.1+dfsg1-2		package
phpmyadmin	fixed	4:4.6.6-4+deb9u1	stretch	package

Примечания

https://www.phpmyadmin.net/security/PMASA-2018-8/
https://github.com/phpmyadmin/phpmyadmin/commit/b293ff5f234ef493336ed8638f623a12164d359e

EPSS

Процентиль: 78%

0.01216

Низкий

Связанные уязвимости

CVE-2018-19970

CVSS3: 6.1

ubuntu

больше 6 лет назад

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

CVE-2018-19970

CVSS3: 6.1

nvd

больше 6 лет назад

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

GHSA-8987-93fh-rcwq

CVSS3: 6.1

github

около 3 лет назад

phpMyAdmin Cross-site Scripting (XSS) vulnerability

openSUSE-SU-2018:4125-1

suse-cvrf

больше 6 лет назад

Security update for phpMyAdmin

openSUSE-SU-2018:4124-1

suse-cvrf

больше 6 лет назад

Security update for phpMyAdmin

EPSS

Процентиль: 78%

0.01216

Низкий