Description

An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the user's valid phpMyAdmin token. All 4.0.x versions (prior to 4.0.10.16) are affected.

Remediation

References

CVE-2016-4412

Related Vulnerabilities

MySQL CVE-2023-22046 Vulnerability (CVE-2023-22046)

WordPress Plugin Integration for WooCommerce and QuickBooks Cross-Site Scripting (1.1.8)

WebLogic CVE-2022-21548 Vulnerability (CVE-2022-21548)

MySQL CVE-2020-2763 Vulnerability (CVE-2020-2763)

XWiki Other Vulnerability (CVE-2022-41935)

Severity

Medium

Classification

CVE-2016-4412 CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities