Описание
Security update for phpMyAdmin
This update for phpMyAdmin to version 4.8.3 addresses multiple issues.
Security issues fixed:
- CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file (PMASA-2018-5, boo#1105726)
This update also contains a number of upstream bug fixes in the UI and behavior.
Список пакетов
SUSE Package Hub for SUSE Linux Enterprise 12
phpMyAdmin-4.8.3-bp150.3.3.1
SUSE Package Hub for SUSE Linux Enterprise 15
phpMyAdmin-4.8.3-bp150.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:2525-1
- SUSE Security Ratings
Описание
An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.
Затронутые продукты
SUSE Package Hub for SUSE Linux Enterprise 12:phpMyAdmin-4.8.3-bp150.3.3.1
SUSE Package Hub for SUSE Linux Enterprise 15:phpMyAdmin-4.8.3-bp150.3.3.1
Ссылки
- CVE-2018-15605
- SUSE Bug 1105726