GHSA-3p87-w3c5-27gf

Suggest an improvement
Source
https://github.com/advisories/GHSA-3p87-w3c5-27gf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3p87-w3c5-27gf/GHSA-3p87-w3c5-27gf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-3p87-w3c5-27gf
Aliases
  • CVE-2011-3591
Published
2022-05-17T04:19:07Z
Modified
2024-01-15T18:41:35.640880Z
Summary
phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
Details

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js.

References

Affected packages

Packagist / phpmyadmin/phpmyadmin

Package

Name
phpmyadmin/phpmyadmin
Purl
pkg:composer/phpmyadmin/phpmyadmin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.4.0
Fixed
3.4.5