Server side cross-site scripting In phpmyadmin/phpmyadmin
Description
phpMyAdmin XSS Vulnerability Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 packagist | 4.0.10.13, 4.4.15.3, 4.5.4 | ||
 debian 11 | 4:4.5.4-1 | ||
debian 12 | 4:4.5.4-1 | ||
debian 13 | 4:4.5.4-1 |
Aliases
1. 2. 3. 4. 5. 6.
References
1. 2. 3. 4. 5. 6. 7. 8. 9.