icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

phpMyAdmin < 2.6.0-p13 XSS

Medium

Synopsis

The remote web server contains a PHP application that is affected by a cross-site scripting (XSS) vulnerability.

Description

Versions of phpMyAdmin prior to 2.6.0-p13 are vulnerable to cross-site scripting attacks through multiple scripts. With a specially crafted URL, an attacker may use the remote host to perform a cross site scripting attack.

Solution

Upgrade to phpMyAdmin 2.6.0-pl3 or higher.