Описание
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4:4.5.4-1 |
| bionic | not-affected | 4:4.5.4-1 |
| cosmic | not-affected | 4:4.5.4-1 |
| devel | not-affected | 4:4.5.4-1 |
| disco | not-affected | 4:4.5.4-1 |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 4:4.5.4-1 |
| esm-apps/focal | not-affected | 4:4.5.4-1 |
| esm-apps/jammy | not-affected | 4:4.5.4-1 |
| esm-apps/noble | not-affected | 4:4.5.4-1 |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x ...
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3