Описание
Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| phpmyadmin | fixed | 4:4.9.1+dfsg1-2 | package | |
| phpmyadmin | fixed | 4:4.6.6-4+deb9u1 | stretch | package |
| phpmyadmin | not-affected | jessie | package | |
| phpmyadmin | not-affected | wheezy | package |
Примечания
https://github.com/phpmyadmin/phpmyadmin/commit/d2886a3e8745e8845633ae8a0054b5ee4d8babd5
https://www.phpmyadmin.net/security/PMASA-2018-1/
EPSS
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
EPSS