phpmyadmin
Page content
- Author: voroskoi
- Vulnerable: 2.9.1_rc1-1siwenna1
- Unaffected: 2.9.1.1-1siwenna1
Input containing UTF-7 encoded characters passed to the script which displays error messages is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. Three other security issues fixed too, see http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-{7,8,9} for details.
- Bug Tracker URL: http://bugs.frugalware.org/task/1417 http://bugs.frugalware.org/task/1469