PMASA-2016-30

Announcement-ID: PMASA-2016-30

Date: 2016-07-07

Updated: 2016-11-24

Summary

Multiple XSS vulnerabilities

Description

Multiple vulnerabilities have been discovered in the following areas of phpMyAdmin:

  • Zoom search: Specially crafted column content can be used to trigger an XSS attack
  • GIS editor: Certain fields in the graphical GIS editor at not properly escaped and can be used to trigger an XSS attack
  • Relation view
  • The following Transformations:
    • Formatted
    • Imagelink
    • JPEG: Upload
    • RegexValidation
    • JPEG inline
    • PNG inline
    • transformation wrapper
  • XML export
  • MediaWiki export
  • Designer
  • When the MySQL server is running with a specially-crafted log_bin directive
  • Database tab
  • Replication feature
  • Database search

Updated on 2016-11-24: Fixed list of commits.

Severity

We consider these vulnerabilities to be of moderate severity.

Affected Versions

All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected

Solution

Upgrade to phpMyAdmin 4.6.4, 4.4.15.8, 4.0.10.17, or newer or apply patch listed below.

References

Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability.

Assigned CVE ids: CVE-2016-6607

CWE ids: CWE-661

Patches

The following commits have been made on the 4.0 branch to fix this issue:

The following commits have been made on the 4.4 branch to fix this issue:

The following commits have been made on the 4.6 branch to fix this issue:

More information

For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.

Announcements