CVE-2016-9861: Incomplete List of Disallowed Inputs

December 11, 2016 (updated July 1, 2017)

An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection.

References

nvd.nist.gov/vuln/detail/CVE-2016-9861
www.phpmyadmin.net/security/PMASA-2016-66

Code Behaviors & Features

Detect and mitigate CVE-2016-9861 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →