Announcement-ID: PMASA-2007-4
Date: 2007-04-24
Updated: 2007-05-17
XSS vulnerabilities
We received an advisory from Lukasz Plonka "sp3x" (SecurityReason) and we wish to thank him for his work. It was possible to trigger these attacks on various scripts due to shortcomings in the JavaScript code detection.
We consider these vulnerabilities to be serious.
Probably all versions to 2.10.0.2.
Upgrade to phpMyAdmin 2.10.1 or newer.
Assigned CVE ids: CVE-2007-2245
The following commits have been made to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.