Cross-site Scripting (XSS)

2018-06-2202:58:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

51.8%

JSON

phpmyadmin is vulnerable to cross-site scripting (XSS) attacks. A malicious user can use the database variable to inject and execute arbitrary Javascript when the database variable is called through the designer feature.

CPENameOperatorVersion
phpmyadmin/phpmyadminle4.8.1

CPE	Name	Operator	Version
	phpmyadmin/phpmyadmin	le	4.8.1

References

github.com/phpmyadmin/composer/commit/6943fff87324bd54c3a37a5160a5fb77498c355e

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for VERACODE:6835