CVE-2008-4326

EPSS 0.43%

phpmyadmin - cross site scripting

發布日:2008/9/30修改日:2026/5/7

也稱為:DEBIAN-CVE-2008-4326

描述

The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.

受影響套件(2)

Debian/phpmyadminfrom 0, < 4:2.11.8.1-3
Debian/phpmyadminfrom 0, < 4:2.9.1.1-9

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-4326