Description

An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to bypass the logout timeout. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected.

Remediation

References

CVE-2016-9851

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2000-0631)

MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-0363)

Joomla! Core 3.3.x Remote File Inclusion (3.3.0 - 3.3.4)

WordPress Plugin Hide My WP Cross-Site Scripting (4.53)

WordPress Plugin Ad Buttons Multiple Vulnerabilities (2.3.1)

Severity

Medium

Classification

CVE-2016-9851 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities