Description

phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.

Remediation

References

CVE-2008-3456

Related Vulnerabilities

Oracle Database Server CVE-2022-21393 Vulnerability (CVE-2022-21393)

WordPress Plugin Calendar_plugin Cross-Site Scripting (1.0)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14641)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15110)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2317)

Severity

Medium

Classification

CVE-2008-3456 CWE-59

Tags

Missing Update Known Vulnerabilities