Описание
Security update for phpMyAdmin
phpMyAdmin was updated to fix one security issue.
The following vulnerability was fixed:
- CVE-2016-5099: Self XSS vulneratbility - A specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page (boo#982128, PMASA-2016-16)
Список пакетов
openSUSE Leap 42.1
phpMyAdmin-4.4.15.6-19.1
Ссылки
- E-Mail link for openSUSE-SU-2016:1434-1
- SUSE Security Ratings
Описание
Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
Затронутые продукты
openSUSE Leap 42.1:phpMyAdmin-4.4.15.6-19.1
Ссылки
- CVE-2016-5099
- SUSE Bug 982126
- SUSE Bug 982128