Friday, September 24, 2010

phpmyadmin: Cross-site scripting vulnerability

Users of phpmyadmin please be advised of a Cross-site scripting vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
MDVSA-2010:186: [MDVSA-2010:186] phpmyadmin Cross-site scripting
Problem Description:



A vulnerability has been found and corrected in phpmyadmin:



Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php

in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote

attackers to inject arbitrary web script or HTML via a server name

(CVE-2010-3263).
Read more at www.criticalwatch.com
 
See this Amp at http://bit.ly/aVppDQ

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)