Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted database name, (2) a crafted user name, (3) a crafted logo URL in the navigation panel, (4) a crafted entry in a certain proxy list, or (5) crafted content in a version.json file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-07-30T18:00:00
Updated: 2024-08-06T16:59:41.182Z
Reserved: 2013-07-29T00:00:00
Link: CVE-2013-4996
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-07-31T13:20:08.557
Modified: 2024-11-21T01:56:51.860
Link: CVE-2013-4996
Redhat
No data.