logo

Database

Reflected cross-site scripting (XSS) In phpmyadmin/phpmyadmin

Description

phpMyAdmin CSS Injection Vulnerability phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2017-10000152. NVD-2017-10000153. OSV-2017-10000154. OSV-DEBIAN-2017-10000155. GCVE-2017-10000156. SECURITY-TRACKER-CVE-2017-1000015

References

1. https://web.archive.org/web/20210123220229/http://www.securityfocus.com/bid/957262. https://www.phpmyadmin.net/security/PMASA-2017-4

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.