Several XSS vulnerabilities were found in the code.
It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages.
We consider this vulnerability to be serious.
If the auth_type directive is set to 'config' and the directory is not protected, these attacks are more likely to succeed; otherwise, an attacker would need to obtain a valid token via another flaw on the server to be able to exploit these vulnerabilities.
For 2.11.x: versions before 220.127.116.11 are affected.
For 3.x: versions before 18.104.22.168 are affected.
Upgrade to phpMyAdmin 22.214.171.124 or 126.96.36.199 or newer or apply patch listed below.
Thanks to Aung Khant from YGN Ethical Hacker Group, Myanmar for reporting this issue. See their advisory for more details. After this report the team did audit the code as well and discovered more issues which are fixed as well.
Assigned CVE ids: CVE-2010-3056
The following commits have been made to fix this issue:
The following commits have been made on the 2.11 branch to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.