Описание
Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:3.4.11-1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 4:3.4.5-1 |
| precise | not-affected | 4:3.4.10.1-1 |
| quantal | not-affected | 4:3.4.11-1 |
| raring | not-affected | 4:3.4.11-1 |
| saucy | not-affected | 4:3.4.11-1 |
Показывать по
EPSS
3.5 Low
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation.
Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlin ...
EPSS
3.5 Low
CVSS2