Описание
Cross-site Scripting in phpmyadmin
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-23808
- https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
- https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
- https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97
- https://security.gentoo.org/glsa/202311-17
- https://www.phpmyadmin.net/security/PMASA-2022-2
Пакеты
Наименование
phpmyadmin/phpmyadmin
composer
Затронутые версииВерсия исправления
>= 5.1.0, < 5.1.2
5.1.2
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 3 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
CVSS3: 6.1
nvd
больше 3 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
CVSS3: 6.1
debian
больше 3 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ...
