logo

Database

Reflected cross-site scripting (XSS) In phpmyadmin/phpmyadmin

Description

phpMyAdmin Cross-site Scripting (XSS) vulnerability In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2018-199702. NVD-2018-199703. OSV-2018-199704. OSV-DEBIAN-2018-199705. GCVE-2018-199706. lists.debian.org7. security.gentoo.org8. SECURITY-TRACKER-CVE-2018-19970

References

1. https://www.phpmyadmin.net/security/PMASA-2018-82. http://www.securityfocus.com/bid/106181

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.