exploitDog

CVE-2014-4348

Опубликовано: 20 июн. 2014

Источник: redhat

CVSS2: 4.3

Описание

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.

Отчет

Not vulnerable. This issue did not affect the versions of phpMyAdmin as shipped with any Red Hat product.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2014-4348

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=1117600phpMyAdmin: Self-XSS due to unescaped HTML output in recent/favorite tables navigation

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2014-4348

ubuntu

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.

CVE-2014-4348

nvd

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.

CVE-2014-4348

debian

почти 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2. ...

GHSA-r43q-435x-vmw7

github

около 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.

4.3 Medium

CVSS2