Vulnerability Name: | CVE-2011-3591 (CCN-69836) | ||||||||
Assigned: | 2011-09-14 | ||||||||
Published: | 2011-09-14 | ||||||||
Updated: | 2014-12-29 | ||||||||
Summary: | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-79 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2011-3591 Source: CCN Type: SA45991 phpMyAdmin Multiple Script Insertion Vulnerabilities Source: CCN Type: SA46022 TYPO3 phpMyAdmin Extension Multiple Script Insertion Vulnerabilities Source: CCN Type: TYPO3-EXT-SA-2011-011 Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin) Source: MLIST Type: UNKNOWN [oss-security] 20110930 Re: CVE Request --- phpMyAdmin -- Multiple XSS flaws in versions v3.4.0 to v3.4.4 (PMASA-2011-14) Source: CCN Type: PMASA-2011-14 Multiple XSS Source: CONFIRM Type: Vendor Advisory http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php Source: CCN Type: BID-49648 phpMyAdmin Multiple HTML Injection Vulnerabilities Source: CONFIRM Type: UNKNOWN https://bugzilla.redhat.com/show_bug.cgi?id=738681 Source: XF Type: UNKNOWN phpmyadmin-inline-editing-xss(69836) Source: CONFIRM Type: UNKNOWN https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |