PT-2012-5953 · Phpmyadmin · Phpmyadmin

Mike Cardwell

Publicado

2012-10-25

Atualizado

2024-06-15

CVE-2012-5368

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 3.5.x through 3.5.2

Description The issue allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks. This is due to the use of JavaScript code obtained through an HTTP session to phpmyadmin.net without SSL, which can be modified by attackers.

Recommendations For phpMyAdmin versions 3.5.x through 3.5.2, update to version 3.5.3 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2012-5368

GHSA-XPXP-V33M-5JP9

OPENSUSE-SU-2024:10054-1

Produtos afetados

Phpmyadmin

PT-2012-5953 · Phpmyadmin · Phpmyadmin

CVE-2012-5368

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 134