mailing list archives
CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8
From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 9 Apr 2013 14:01:24 +0200
New phpMyAdmin release (3.5.8) contains the following changelog entry:
- bug #3828 MariaDB reported as MySQL
- bug #3854 Incorrect header for Safari 6.0
- bug #3705 Attempt to open trigger for edit gives NULL
- Use HTML5 DOCTYPE
- [security] Self-XSS on GIS visualisation page, reported by Janek Vind
- bug #3800 Incorrect keyhandler behaviour #2
refering to a XSS vulnerability on the GIS visualisation page.  is
the reference by Janek Vind, upstream commit afaics .
Could a CVE be assigned to this issue?
- CVE Request: Self-XSS in phpmyadmin fixed in 3.5.8 Salvatore Bonaccorso (Apr 09)