CVE-2022-23808

Опубликовано: 22 янв. 2022

Источник: debian

EPSS Средний

Описание

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
phpmyadmin	fixed	4:5.1.3+dfsg1-1		package

Примечания

https://www.phpmyadmin.net/security/PMASA-2022-2/
https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/28 (setup not available)

EPSS

Процентиль: 99%

0.68413

Средний

Связанные уязвимости

CVE-2022-23808

CVSS3: 6.1

ubuntu

около 4 лет назад

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

CVE-2022-23808

CVSS3: 6.1

nvd

около 4 лет назад

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

GHSA-vcwc-6mr9-8m7c

CVSS3: 6.1

github

около 4 лет назад

Cross-site Scripting in phpmyadmin

openSUSE-SU-2023:0047-1

suse-cvrf

почти 3 года назад

Security update for phpMyAdmin

EPSS

Процентиль: 99%

0.68413

Средний