CVE-2018-15605

描述

An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.

受影響套件(1)

• Packagist/phpmyadmin/phpmyadminfrom 0, < 4.8.3

CVSS 分數

參考連結(6)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-15605
• PATCHhttps://github.com/phpmyadmin/composer
• WEBhttps://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1
• WEBhttps://www.phpmyadmin.net/security/PMASA-2018-5
• WEBhttp://www.securityfocus.com/bid/105168
• WEBhttp://www.securitytracker.com/id/1041548