CVE-2025-24529

CVSS v3.1

6.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions prior to 5.2.2

Description An issue has been discovered in the Insert tab of phpMyAdmin, where a Cross-Site Scripting (XSS) vulnerability has been found. This allows for malicious scripts to be injected into the webpage, potentially leading to unauthorized access or data theft.

Recommendations For versions prior to 5.2.2, update to version 5.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Insert tab until a patch is available.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2025-14434

BDU:2025-14435

BIT-PHPMYADMIN-2025-24529

CVE-2025-24529

DLA-4121-1

OPENSUSE-SU-2025:0081-1

OPENSUSE-SU-2025:14846-1

Affected Products

Debian

Red Os

Phpmyadmin

CVE-2025-24529

Weakness Enumeration

Related Identifiers

Affected Products

References · 34