admin
02-24-2005, 10:22 PM
http://www.securityfocus.com/bid/12644
PLEASE NOTE: This does not effect the version of PhpMyAdmin installed on Hard Hat Hosting's servers. If you have installed any of the versions effected, please upgrade immediately.
The following was reported and is available at
http://www.securityfocus.com/bid/12644
------------------------------ -------------------------
Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin.
These issues are due to a failure of the application to properly
sanitize user-supplied input prior to including it in dynamically
generated Web content.
An attacker may leverage these issues to have arbitrary script code
executed in the browser of an unsuspecting user. This may facilitate the
theft of cookie-based authentication credentials as well as other attacks.
--
[phpsec] Mailing List
Brought to you by php|architect - http://www.phparch.com (http://www.phparch.com/)
For account maintenance, please visit http://www.phparch.com/phpsec
PLEASE NOTE: This does not effect the version of PhpMyAdmin installed on Hard Hat Hosting's servers. If you have installed any of the versions effected, please upgrade immediately.
The following was reported and is available at
http://www.securityfocus.com/bid/12644
------------------------------ -------------------------
Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin.
These issues are due to a failure of the application to properly
sanitize user-supplied input prior to including it in dynamically
generated Web content.
An attacker may leverage these issues to have arbitrary script code
executed in the browser of an unsuspecting user. This may facilitate the
theft of cookie-based authentication credentials as well as other attacks.
--
[phpsec] Mailing List
Brought to you by php|architect - http://www.phparch.com (http://www.phparch.com/)
For account maintenance, please visit http://www.phparch.com/phpsec