CVE-2011-3598
Published: 8 October 2011
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.
Priority
Status
Package | Release | Status |
---|---|---|
phppgadmin Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(5.0.3-1)
|
|
precise |
Not vulnerable
(5.0.3-1)
|
|
quantal |
Not vulnerable
(5.0.4-1)
|
|
raring |
Not vulnerable
(5.0.4-1)
|
|
saucy |
Not vulnerable
(5.0.4-1)
|
|
upstream |
Released
(5.0.3)
|
|
Patches: upstream: https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842 |