Описание
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | released 4:2.11.2.2-1 |
| edgy | ignored | end of life, was needed |
| feisty | released | 4:2.9.1.1-2ubuntu1.1 |
| gutsy | released | 4:2.10.3-1ubuntu0.1 |
| hardy | not-affected | released 4:2.11.2.2-1 |
| intrepid | not-affected | released 4:2.11.2.2-1 |
| jaunty | not-affected | released 4:2.11.2.2-1 |
| karmic | not-affected | released 4:2.11.2.2-1 |
| upstream | released | 2.11.2.2 |
Показывать по
Ссылки на источники
2.6 Low
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth ...
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.
2.6 Low
CVSS2