Description

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Remediation

References

CVE-2022-23808

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2006-2081)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10382)

MySQL CVE-2016-0644 Vulnerability (CVE-2016-0644)

WordPress Plugin Slider Hero with Animation, Video Background SQL Injection (8.2.6)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9126)

Severity

Medium

Classification

CVE-2022-23808 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities