Project

General

Profile

Bug #9376

[3.8] phpmyadmin: XSS in the import dialog (CVE-2018-15605)

Added by Alicha CH 8 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
Start date:
09/04/2018
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

A Cross-Site Scripting vulnerability was found in the file import feature, where an attacker
can deliver a payload to a user through importing a specially-crafted file.

Affected Versions:

phpMyAdmin versions prior to 4.8.3

Reference:

https://www.phpmyadmin.net/security/PMASA-2018-5/

Patch:

https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1

Associated revisions

Revision 370ae65e (diff)
Added by Natanael Copa 7 months ago

community/phpmyadmin: security upgrade to 4.8.3 (CVE-2018-15605)

fixes #9376

History

#1 Updated by Natanael Copa 7 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH 7 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed
  • Security IDs deleted (CVE-2018-15605)

Also available in: Atom PDF