Description

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Remediation

References

CVE-2022-23808

Related Vulnerabilities

Oracle JRE CVE-2013-2457 Vulnerability (CVE-2013-2457)

WordPress Plugin IgnitionDeck Security Bypass (1.1.6)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-17971)

Oracle JRE CVE-2013-2430 Vulnerability (CVE-2013-2430)

WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2)

Severity

Medium

Classification

CVE-2022-23808 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities