Candidate: CVE-2011-3598
PublicDate: 2011-10-08 02:52:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3598
 https://secunia.com/advisories/46248/
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before
 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1)
 a web page title, related to classes/Misc.php; or the (2) return_url or (3)
 return_desc parameter to display.php.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.gentoo.org/show_bug.cgi?id=385505
 https://bugzilla.redhat.com/show_bug.cgi?id=743205
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_phppgadmin:
 upstream: https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842
upstream_phppgadmin: released (5.0.3)
hardy_phppgadmin: ignored (reached end-of-life)
lucid_phppgadmin: ignored (reached end-of-life)
maverick_phppgadmin: ignored (reached end-of-life)
natty_phppgadmin: ignored (reached end-of-life)
oneiric_phppgadmin: not-affected (5.0.3-1)
precise_phppgadmin: not-affected (5.0.3-1)
quantal_phppgadmin: not-affected (5.0.4-1)
raring_phppgadmin: not-affected (5.0.4-1)
saucy_phppgadmin: not-affected (5.0.4-1)
devel_phppgadmin: not-affected (5.0.4-1)