phpmyadmin
Page content
- Author: Miklos Vajna
- Vulnerable: 3.4.7.1-1mores1
- Unaffected: 3.4.8-1mores1
Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.
- Bug Tracker URL: https://bugs.frugalware.org/ticket/4640