http://bugzilla.opensuse.org/show_bug.cgi?id=908364 Bug ID: 908364 Summary: CVE-2014-9219: phpMyAdmin: XSS vulnerability in redirection mechanism Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: All URL: http://www.phpmyadmin.net/home_page/security/PMASA-201 4-18.php OS: openSUSE 13.2 Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: Andreas.Stieger@gmx.de QA Contact: qa-bugs@suse.de CC: chris@computersalat.de, ecsos@schirra.net Found By: --- Blocker: ---

From http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php

Announcement-ID: PMASA-2014-18 Date: 2014-12-03 Summary: XSS vulnerability in redirection mechanism. Description: With a crafted URL it was possible to trigger an XSS in the redirection mechanism in phpMyAdmin.

Severity: We consider this vulnerability to be non critical. Affected Versions: Versions 4.2.x (prior to 4.2.13.1) are affected. Solution: Upgrade to phpMyAdmin 4.2.13.1 or newer, or apply the patch listed below. Assigned CVE ids: CVE-2014-9219 CWE ids: CWE-661 CWE-79 Patches: 9b2479b7216dd91a6cc2f231c0fd6b85d457f6e2

-- You are receiving this mail because: You are on the CC list for the bug.