GHSA-8987-93fh-rcwq

Опубликовано: 14 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 6.1

Описание

phpMyAdmin Cross-site Scripting (XSS) vulnerability

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

Ссылки

Пакеты

Наименование

phpmyadmin/phpmyadmin

composer

Затронутые версииВерсия исправления

>= 4.0, < 4.8.4

4.8.4

EPSS

Процентиль: 78%

0.01216

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2018-19970

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-19970

CVSS3: 6.1

ubuntu

больше 6 лет назад

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

CVE-2018-19970

CVSS3: 6.1

nvd

больше 6 лет назад

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

CVE-2018-19970

CVSS3: 6.1

debian

больше 6 лет назад

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navi ...

openSUSE-SU-2018:4125-1

suse-cvrf

больше 6 лет назад

Security update for phpMyAdmin

openSUSE-SU-2018:4124-1

suse-cvrf

больше 6 лет назад

Security update for phpMyAdmin

EPSS

Процентиль: 78%

0.01216

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2018-19970

Дефекты

CWE-79