Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-xpxp-v33m-5jp9

Опубликовано: 17 мая 2022
Источник: github
Github: Прошло ревью

Описание

phpMyAdmin Unsafe Fetching of Javascript Code

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

Ссылки

Пакеты

Наименование

phpmyadmin/phpmyadmin

composer
Затронутые версииВерсия исправления

>= 3.5, < 3.5.3

3.5.3

EPSS

Процентиль: 62%
0.00428
Низкий

CVE ID

CVE-2012-5368

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2012-5368

ubuntu
больше 12 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

nvd логотип

CVE-2012-5368

nvd
больше 12 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

debian логотип

CVE-2012-5368

debian
больше 12 лет назад

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained th ...

EPSS

Процентиль: 62%
0.00428
Низкий

CVE ID

CVE-2012-5368

Дефекты

CWE-79