FreeBSD : phpMyAdmin -- multiple XSS vulnerabilities (e44fe906-df27-11e0-a333-001cc0a36e12)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

phpMyAdmin development team reports :

Firstly, if a row contains JavaScript code, after inline editing this
row and saving, the code is executed. Secondly, missing sanitization
on the db, table and column names leads to XSS vulnerabilities.

Versions 3.4.0 to 3.4.4 were found vulnerable.

See also :

http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
http://www.nessus.org/u?f52f03f9

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56204 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now