logo

Database

Reflected cross-site scripting (XSS) In phpmyadmin/phpmyadmin

Description

cross-site scripting

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2018-72602. NVD-2018-72603. OSV-2018-72604. OSV-DEBIAN-2018-72605. GCVE-2018-72606. SECURITY-TRACKER-CVE-2018-7260

References

1. https://github.com/phpmyadmin/phpmyadmin/commit/d2886a32. https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin3. https://www.phpmyadmin.net/security/PMASA-2018-14. http://www.securityfocus.com/bid/103099

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.