Candidate: CVE-2013-3742
PublicDate: 2013-07-04 14:33:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3742
 http://www.phpmyadmin.net/home_page/security/PMASA-2013-6.php
Description:
 Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create
 View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users
 to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW
 statement with a crafted name that triggers an error message.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 


Patches_phpmyadmin:
 upstream: https://github.com/phpmyadmin/phpmyadmin/commit/9b3551601ce714adb5e3f428476052f0ec6093bf
upstream_phpmyadmin: released (4:4.0.1-3)
lucid_phpmyadmin: not-affected (4:3.3.2-1ubuntu1)
precise_phpmyadmin: not-affected (4:3.4.10.1-1)
quantal_phpmyadmin: not-affected (4:3.4.11.1-1)
raring_phpmyadmin: not-affected (4:3.5.8.1-1)
saucy_phpmyadmin: not-affected (4:4.0.6-1)
trusty_phpmyadmin: not-affected
trusty/esm_phpmyadmin: not-affected
devel_phpmyadmin: not-affected