GHSA-5pvv-f8h3-gw96, CVE-2009-3696
packagist/phpmyadmin/phpmyadmin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
All versions starting from 2.11.0 before 2.11.9.6, all versions starting from 3.0.0 before 3.2.2.1
Upgrade to versions 2.11.9.6, 3.2.2.1 or above.
2024-02-19
source |