CVE-2008-2960

Published: 02 July 2008

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.

Priority

Negligible

Status

Package Release Status
phpmyadmin
Launchpad, Ubuntu, Debian
Upstream
Released (4:2.11.7~rc2-1)
Patches:
Upstream: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11326