PT-2017-10723 · Mysql Server · Mysqldumper
Published
2017-07-13
·
Updated
2017-08-15
·
CVE-2017-1000012
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
MySQL Dumper version 1.24
Description
The issue allows for stored XSS when displaying database data to the user.
Recommendations
For MySQL Dumper version 1.24, update to a version that includes a fix for this issue, if available. As a temporary workaround, consider validating and sanitizing user input to prevent malicious data from being stored in the database. Restrict access to sensitive database data to minimize the risk of exploitation.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mysqldumper