CVE-2007-5728

Name of the Vulnerable Software and Affected Versions phpPgAdmin versions 3.5 through 4.1.1 phpPgAdmin version 4.1.2

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP SELF in (1) "redirect.php", possibly related to (2) "login.php".

Recommendations For phpPgAdmin versions 3.5 through 4.1.1, update to a version that contains a fix for this issue. For phpPgAdmin version 4.1.2, if affected, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the "redirect.php" and "login.php" files until a patch is available.