Описание
phpMyAdmin XSS Vulnerability
An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-12581
- https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
- https://web.archive.org/web/20210124181711/http://www.securityfocus.com/bid/104530
- https://web.archive.org/web/20210413204012/http://www.securitytracker.com/id/1041187
- https://www.phpmyadmin.net/security/PMASA-2018-3
Пакеты
phpmyadmin/phpmyadmin
< 4.8.2
4.8.2
Связанные уязвимости
An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
An issue was discovered in js/designer/move.js in phpMyAdmin before 4. ...
