phpmyadmin
Page content
- Author: Miklos Vajna
- Vulnerable: 2.11.9.1-1solaria1
- Unaffected: 2.11.9.2-1solaria1
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. An error exists in the “PMA_escapeJsString()” function in libraries/js_escape.lib.php, which can be exploited to bypass certain filters and execute arbitrary HTML and script code in a user’s browser session in context of an affected site when e.g. Microsoft Internet Explorer is used.
- Bug Tracker URL: http://bugs.frugalware.org/task/3361
CVEs:
- There is no CVE for this issue yet, see http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8.