phpMyAdmin 4.6.x before 4.6.3, when the environment lacks a PHP_SELF value,
allows remote attackers to conduct cookie-attribute injection attacks via a
crafted URI.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 14.04 | noarch | phpmyadmin | < any | UNKNOWN |
ubuntu | 16.04 | noarch | phpmyadmin | < any | UNKNOWN |