Cross-Site Scripting and Open Redirection vulnerability in extension phpMyAdmin (phpmyadmin)

2011-05-23T00:00:00
ID TYPO3-SA-2011-005
Type typo3
Reporter TYPO3 Association
Modified 2011-05-23T00:00:00

Description

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting and Open Redirection.

Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.

Affected Versions: Version 4.10.3 and below

Vulnerability Type: Cross-Site Scripting, Open Redirection

Severity: Medium

Suggested CVSS v2.0: AV:N/AC:M/Au:S/C:P/I:N/A:N/E:ND/RL:OF/RC:C

References: PMASA-2011-3, PMASA-2011-4

Release Date: 23.05.2011

Problem Description: By creating a crafted table name and tricking an administrator into visiting a specific page, an attacker is able to exploit a Cross-Site Scripting vulnerability. Furthermore, it is possible to redirect an administrator to an arbitrary, untrusted website.
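Both issues in this advisory are output-handling bugs: a stored identifier (the table name) reaches an HTML page without context-appropriate escaping, and a user-supplied redirect target is honoured without checking that it stays on the application. The following PHP is an added illustration of the two defensive checks that close these bug classes; it is not code from phpMyAdmin or from the TYPO3 extension, and the function names, the default target and the sample inputs are constructed for this example (the advisory does not name the affected parameters).

```php
<?php
// Added example, not phpMyAdmin's or the TYPO3 extension's own code.
// Function names, the default redirect target and the sample inputs
// below are constructed for illustration.
declare(strict_types=1);

/**
 * Render an untrusted identifier (for example a table name read from the
 * database) into an HTML context. A crafted table name is attacker-controlled
 * output like any other request parameter; escaping it for the HTML context
 * it is written into prevents it from being interpreted as markup or script.
 */
function renderTableName(string $tableName): string
{
    return htmlspecialchars($tableName, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/**
 * Validate a user-supplied "return to" target before issuing a redirect.
 * Only a relative path on this application is accepted (no scheme, no host,
 * no protocol-relative form); anything else falls back to a fixed default,
 * so a redirect can never be pointed at an arbitrary external site.
 */
function safeRedirectTarget(string $target, string $default = '/index.php'): string
{
    // Must be a single leading slash. This rejects absolute URLs,
    // protocol-relative URLs ("//host/...") and the backslash variant
    // ("/\host/...") that some browsers normalise to a second slash.
    if ($target === '' || $target[0] !== '/' || preg_match('#^/[/\\\\]#', $target)) {
        return $default;
    }

    // Belt and braces: if the value still parses with a scheme or host,
    // it is not a local path.
    $parts = parse_url($target);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }

    // Control characters (CR/LF in particular) must never reach a
    // Location header, where they could split the response.
    if (preg_match('/[\x00-\x1F\x7F]/', $target)) {
        return $default;
    }

    return $target;
}

// Constructed sample inputs (not taken from the advisory).
$redirectSamples = [
    '/db_structure.php?db=test',      // local path: accepted
    'http://attacker.example/',       // absolute URL: rejected
    '//attacker.example/',            // protocol-relative: rejected
    '/\\attacker.example/',           // backslash variant: rejected
    "/index.php?\r\nX-Injected: 1",   // header-splitting characters: rejected
];

foreach ($redirectSamples as $sample) {
    printf("%-36s -> %s\n", json_encode($sample), safeRedirectTarget($sample));
}

// A table name carrying markup is rendered as inert text.
echo renderTableName('users"><b>x</b>'), "\n";
```

The redirect check is deliberately an allow-list (a single-slash relative path) rather than a block-list of known bad prefixes; that is what keeps it robust against encoding and normalisation tricks the author of a block-list did not anticipate. The escaping call chooses the HTML-body/attribute context; a table name written into a JavaScript string or a URL would need the escaping for that context instead.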

Solution: An updated version 4.11.0 is available from the TYPO3 extension manager and at typo3.org/extensions/repository/view/phpmyadmin/4.11.0/. Users of the extension are advised to update the extension as soon as possible.

The TYPO3 Security Team requests TYPO3 administrators to consider our advice from TYPO3-SA-2009-015 to either use extension phpMyAdmin only on development servers or to use the phpMyAdmin standalone application on production servers.

This advice is also relevant in the context of the TYPO3 Security Team not having been informed about this security fix by the extension maintainer. Therefore, the TYPO3 Security Team cannot guarantee that advisories will be published along with future security fixes released by the extension maintainer.

Credits: The vendor of the standalone product credits "dave b" and Kian Mohageri.

General advice: Follow the recommendations that are given in the TYPO3 Security Cookbook. Please subscribe to the typo3-announce mailing list to receive future Security Bulletins via e-mail.