Several XSS vulnerabilities were found in the code.
It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages.
We consider this vulnerability to be serious.
If the auth_type directive is set to 'config' and the directory is not protected, these attacks are more likely to succeed; otherwise, an attacker would need to obtain a valid token via another flaw on the server to be able to exploit these vulnerabilities.
For 2.11.x: versions before 126.96.36.199 are affected.
For 3.x: versions before 188.8.131.52 are affected.
Upgrade to phpMyAdmin 184.108.40.206 or 220.127.116.11 or newer or apply patch listed below.
Thanks to Aung Khant from YGN Ethical Hacker Group, Myanmar for reporting this issue. See their advisory for more details. After this report the team did audit the code as well and discovered more issues which are fixed as well.
Assigned CVE ids: CVE-2010-3056
The following commits have been made to fix this issue:
The following commits have been made on the 2.11 branch to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.