Описание
Cross-site Scripting in phpmyadmin
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-23808
- https://github.com/phpmyadmin/phpmyadmin/commit/44eb12f15a562718bbe54c9a16af91ceea335d59
- https://github.com/phpmyadmin/phpmyadmin/commit/5118acce1dfcdb09cbc0f73927bf51c46feeaf38
- https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97
- https://security.gentoo.org/glsa/202311-17
- https://www.phpmyadmin.net/security/PMASA-2022-2
Пакеты
Наименование
phpmyadmin/phpmyadmin
composer
Затронутые версииВерсия исправления
>= 5.1.0, < 5.1.2
5.1.2
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 4 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
CVSS3: 6.1
nvd
около 4 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.
CVSS3: 6.1
debian
около 4 лет назад
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ...
