CVE-2022-23808

Опубликовано: 22 янв. 2022

Источник: debian

Описание

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:5.1.3+dfsg1-1		package

Примечания

https://www.phpmyadmin.net/security/PMASA-2022-2/
https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/28 (setup not available)

Связанные уязвимости

CVE-2022-23808

CVSS3: 6.1

ubuntu

больше 3 лет назад

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

CVE-2022-23808

CVSS3: 6.1

nvd

больше 3 лет назад

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

GHSA-vcwc-6mr9-8m7c

CVSS3: 6.1

github

больше 3 лет назад

Cross-site Scripting in phpmyadmin

openSUSE-SU-2023:0047-1

suse-cvrf

больше 2 лет назад

Security update for phpMyAdmin