CVE-2011-2642
Published: 1 August 2011
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
Priority
Status
Package | Release | Status |
---|---|---|
phpmyadmin Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(4:3.4.3.2-1)
|
|
precise |
Not vulnerable
(4:3.4.3.2-1)
|
|
quantal |
Not vulnerable
(4:3.4.3.2-1)
|
|
raring |
Not vulnerable
(4:3.4.3.2-1)
|
|
saucy |
Not vulnerable
(4:3.4.3.2-1)
|
|
upstream |
Released
(3.4.3.2)
|
|
Patches: upstream: http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=a0823be05aa5835f207c0838b9cca67d2d9a050a upstream: http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=4bd27166c314faa37cada91533b86377f4d4d214 |