CVE-2009-3696
Published: 16 October 2009
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
Priority
Status
Package | Release | Status |
---|---|---|
phpmyadmin Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(4:2.11.3-1ubuntu1.3)
|
|
intrepid |
Released
(4:2.11.8.1-1ubuntu0.2)
|
|
jaunty |
Released
(4:3.1.2-1ubuntu0.2)
|
|
karmic |
Not vulnerable
(4:3.2.2.1-1)
|
|
upstream |
Released
(3.2.2.1)
|
|
Patches: upstream: http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13034 |