Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS12Y3djLTZtcjktOG03Y80l9A

Moderate EPSS: 0.68566% (0.98552 Percentile) EPSS:
Permalink JSON

Cross-site Scripting in phpmyadmin

Affected Packages Affected Versions Fixed Versions
packagist:phpmyadmin/phpmyadmin >= 5.1.0, < 5.1.2 5.1.2
4 Dependent packages
15 Dependent repositories
353,741 Downloads total

Affected Version Ranges

All affected versions

5.1.0, 5.1.1

All unaffected versions

4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.10, 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.1.2, 5.1.3, 5.1.4, 5.2.0, 5.2.1, 5.2.2

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

References:

Identifiers

GHSA-vcwc-6mr9-8m7c

CVE-2022-23808

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.68566

EPSS Percentile: 0.98552

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/phpmyadmin/phpmyadmin

Date and time

Published

over 3 years ago

Updated

over 1 year ago

API

JSON