phpMyAdmin Cross-Site Scripting Vulnerability (CNVD-2022-08031)

2022-01-2500:00:00

China National Vulnerability Database

www.cnvd.org.cn

phpmyadmin

cross-site scripting

vulnerability

mysql

database

web-based

management tool

validation

client-side

exploit

cnvd-2022-08031

EPSS

0.013

Percentile

86.2%

JSON

phpMyAdmin is a free, web-based MySQL database management tool from the Phpmyadmin team. The tool is capable of creating and deleting databases, creating, deleting and modifying database tables, executing SQL script commands, etc. phpMyAdmin suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute client-side code.