FreeBSD : phpMyAdmin -- Multiple XSS (ed536336-1c57-11e1-86f4-e0cb4e266481)
Medium Nessus Plugin ID 56988
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe phpMyAdmin development team reports :
Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog.
Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.
SolutionUpdate the affected package.