CVE-2007-2245

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions prior to 2.10.1.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities can be exploited via the fieldkey parameter to the "/browse foreigners.php" endpoint or through certain input to the PMA sanitize function.

Recommendations For versions prior to 2.10.1.0, update to version 2.10.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/browse foreigners.php" endpoint and limiting the use of the PMA sanitize function until a patch is applied. Avoid using the fieldkey parameter in the affected endpoint until the issue is resolved.