CVE-2007-5728

Publication date 30 October 2007

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.

Status

Package Ubuntu Release Status
phppgadmin 9.10 karmic
Fixed 4.1.3-0.1
9.04 jaunty
Fixed 4.1.3-0.1
8.10 intrepid
Fixed 4.1.3-0.1
8.04 LTS hardy
Fixed 4.1.3-0.1
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life