CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
68.2%
The phpMyAdmin development team reports:
Using crafted database names, it was possible to produce XSS
in the Database Synchronize and Database rename panels. Using
an invalid and crafted SQL query, it was possible to produce
XSS when editing a query on a table overview panel or when
using the view creation dialog. Using a crafted column type,
it was possible to produce XSS in the table search and create
index dialogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | <Β 3.4.8.r1 | UNKNOWN |