← volver
CVE-2016-5731

CVE-2016-5731

EPSS 1.8%
Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-updates/2016-06/msg00113.htmlhttp://lists.opensuse.org/opensuse-updates/2016-06/msg00114.htmlhttps://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48chttps://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94abhttps://security.gentoo.org/glsa/201701-32https://www.phpmyadmin.net/security/PMASA-2016-24/http://www.debian.org/security/2016/dsa-3627