Описание
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:4.2.6-1 |
| esm-infra-legacy/trusty | not-affected | |
| lucid | not-affected | |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | not-affected | |
| upstream | released | 4.2.6 |
| utopic | not-affected | 4:4.2.6-1 |
Показывать по
3.5 Low
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLi ...
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
3.5 Low
CVSS2