vulnerability
phpMyAdmin: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2018-19970)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Dec 11, 2018 | Oct 16, 2019 | Nov 27, 2024 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Dec 11, 2018
Added
Oct 16, 2019
Modified
Nov 27, 2024
Description
In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.
Solution
phpmyadmin-upgrade-4_8_4

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.