Bug 1122563 (CVE-2014-4986) - CVE-2014-4986 phpMyAdmin: Multiple XSS in AJAX confirmation messages (PMASA-2014-6)
Summary: CVE-2014-4986 phpMyAdmin: Multiple XSS in AJAX confirmation messages (PMASA-2...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2014-4986
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20140717,repor...
Depends On:
Blocks: 1122564
TreeView+ depends on / blocked
 
Reported: 2014-07-23 14:06 UTC by Vasyl Kaigorodov
Modified: 2019-06-08 20:07 UTC (History)
9 users (show)

Fixed In Version: phpMyAdmin 4.0.10.1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-09-07 04:31:55 UTC


Attachments (Terms of Use)

Description Vasyl Kaigorodov 2014-07-23 14:06:45 UTC
phpMyAdmin upstream released an advisory [1] which fixes 2 issues in phpMyAdmin versions prior to 4.0.10:

1) Input passed via the column name to the table structure page when dropping a column is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

2) Input passed via the table name to the table operations page when dropping or truncating a table is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Original advisory:
 [1]: http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php

Upstream commit with the fix:
 https://github.com/phpmyadmin/phpmyadmin/commit/a92753bd65e1f8b72c46ed3dda6c362628e0daf7

Comment 1 Kurt Seifried 2014-09-07 04:31:55 UTC
This issue has been deferred.


Note You need to log in before you can comment on or make changes to this bug.