Home CVE Database CVE-2016-5705

CVE-2016-5705

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an invalid JSON error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.

Priority: MEDIUM
CVSS v3: 6.1
Publish Date: Jul 2, 2016
Related ID: --
CVSS v2: Medium
Modified Date: Jul 5, 2016

Find out more about CVE-2016-5705 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

phpmyadmin

Live chat
Online