FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- self XSS in central columns feature

Affected packages
4.7.0 <= phpMyAdmin < 4.7.8

Details

VuXML ID 261ca31c-179f-11e8-b8b9-6805ca0b3d42
Discovery 2018-02-21
Entry 2018-02-22

The phpMyAdmin team reports:

Summary

Self XSS in central columns feature

Description

A self-cross site scripting (XSS) vulnerability has been reported relating to the central columns feature.

Severity

We consider this vulnerability to be of moderate severity.

Mitigation factor

A valid token must be used in the attack

[source]

References

CVE Name CVE-2018-7260
URL https://www.phpmyadmin.net/security/PMASA-2018-1/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.