CVE-2025-24530

CVSS v3.1

6.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions phpMyAdmin versions 5.x prior to 5.2.2

Description An issue has been discovered in the check tables feature of phpMyAdmin, where a crafted table or database name could be used for XSS. This allows for potential exploitation of the XSS weakness.

Recommendations To protect databases from remote exploitation, update to version 5.2.2. As a temporary workaround, consider restricting the use of crafted table or database names in the check tables feature until a patch is applied.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2025-14435

BIT-PHPMYADMIN-2025-24530

CVE-2025-24530

DLA-4121-1

GHSA-222V-CX2C-Q2F5

OPENSUSE-SU-2025:0081-1

OPENSUSE-SU-2025:14846-1

Affected Products

Debian

Red Os

Phpmyadmin

CVE-2025-24530

Weakness Enumeration

Related Identifiers

Affected Products

References · 41