Red Hat Bugzilla – Bug 631824
CVE-2010-3263 phpMyAdmin (x < v3.3.7): XSS in setup script (PMASA-2010-7)
Last modified: 2016-03-04 06:23:17 EST
phpMyAdmin (x < v3.3.7) improperly sanitized server name provided to
the setup script. An attacker could use this flaw (under
certain installations) to conduct cross-site scripting
(XSS) attacks (execute arbitrary HTML or scripting code).
Affected versions (from ):
For 3.x: versions before 3.3.7 are affected.
Unaffected versions (from ):
Branch 2.11.x is not affected by this.
Upstream acknowledges Tenable Network Security as original reporter.
This issue affects the versions of the phpMyAdmin package, as shipped
with Fedora release of 12 and 13.
Created phpMyAdmin tracking bugs for this issue
Affects: fedora-all [bug 631829]
CVE identifier of CVE-2010-3263 has been assigned to this issue.
*** Bug 636273 has been marked as a duplicate of this bug. ***
I think this bug report should be closed, shouldn't it?