EPSS
Percentile
23.5%
phpmyadmin/phpmyadmin is vulnerable to Cross-site Scripting (XSS). An authenticated user is able to execute malicious code on a victim’s browser by uploading a specially-crafted .sql file through the drag-and-drop interface.
.sql
github.com/advisories/GHSA-6hr3-44gx-g6wh
github.com/phpmyadmin/phpmyadmin/commit/53f70fd7f3b388639922e6cc1ca51fbe890c91cc
github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e
www.phpmyadmin.net/security/PMASA-2023-1/