CVE-2011-4782

Publication date 22 December 2011

Last updated 24 July 2024


Ubuntu priority

Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

Status

Package Ubuntu Release Status
phpmyadmin 14.04 LTS trusty
Not affected
13.10 saucy
Not affected
13.04 raring Ignored end of life
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric Ignored end of life
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy
Not affected

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
phpmyadmin