GHSA-5gh4-v2ch-pcx4
Suggest an improvement- Source
- https://github.com/advisories/GHSA-5gh4-v2ch-pcx4
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-5gh4-v2ch-pcx4/GHSA-5gh4-v2ch-pcx4.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-5gh4-v2ch-pcx4
- Aliases
- Published
- 2022-05-17T05:07:14Z
- Modified
- 2023-11-01T04:45:15.966210Z
- Summary
- phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.
- Database specific
{ "nvd_published_at": "2013-07-31T13:20:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-08-29T18:27:59Z" }- References
Affected packages
Packagist / phpmyadmin/phpmyadmin
Package
- Name
- phpmyadmin/phpmyadmin
- Purl
- pkg:composer/phpmyadmin/phpmyadmin