phpMyAdmin XSS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Jul 25, 2023
Description
Published by the National Vulnerability Database
Jun 21, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Jul 25, 2023
Last updated
Jul 25, 2023
An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
References