[Bug 908364] New: CVE-2014-9219: phpMyAdmin: XSS vulnerability in redirection mechanism
http://bugzilla.opensuse.org/show_bug.cgi?id=908364 Bug ID: 908364 Summary: CVE-2014-9219: phpMyAdmin: XSS vulnerability in redirection mechanism Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: All URL: http://www.phpmyadmin.net/home_page/security/PMASA-201 4-18.php OS: openSUSE 13.2 Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: Andreas.Stieger@gmx.de QA Contact: qa-bugs@suse.de CC: chris@computersalat.de, ecsos@schirra.net Found By: --- Blocker: ---
From http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
Announcement-ID: PMASA-2014-18 Date: 2014-12-03 Summary: XSS vulnerability in redirection mechanism. Description: With a crafted URL it was possible to trigger an XSS in the redirection mechanism in phpMyAdmin.
Severity: We consider this vulnerability to be non critical. Affected Versions: Versions 4.2.x (prior to 4.2.13.1) are affected. Solution: Upgrade to phpMyAdmin 4.2.13.1 or newer, or apply the patch listed below. Assigned CVE ids: CVE-2014-9219 CWE ids: CWE-661 CWE-79 Patches: 9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=908364 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED --- Comment #1 from Andreas Stieger <Andreas.Stieger@gmx.de> --- Submitted to openSUSE:Factory https://build.opensuse.org/request/show/264015 Eric, as you seem to follow this package closely, would you like to look into the the maintenance update for 12.3 through 13.2? -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com