FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- XSS vulnerability

Affected packages
phpMyAdmin < 3.2.0.1

Details

VuXML ID ba73f494-65a8-11de-aef5-001c2514716c
Discovery 2009-06-30
Entry 2009-06-30
Modified 2010-05-02

The phpMyAdmin project reports:

It was possible to conduct an XSS attack via a crafted SQL bookmark.

All 3.x releases on which the "bookmarks" feature is active are affected, previous versions are not.

References

CVE Name CVE-2009-2284
URL http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.php