phpmyadmin: cross-site scripting

Package(s):

phpmyadmin

CVE #(s):

CVE-2016-5099

Created:

May 31, 2016

Updated:

June 2, 2016

Description:

From the Mageia advisory:

In phpMyAdmin before 4.4.15.6, a specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page.

Alerts:

Debian	DSA-3627-1	phpmyadmin	2016-07-24
Gentoo	201701-32	phpmyadmin	2017-01-11
openSUSE	openSUSE-SU-2016:1556-1	phpMyAdmin	2016-06-11
Fedora	FEDORA-2016-cd05bd994a	phpMyAdmin	2016-06-05
Fedora	FEDORA-2016-55261b6815	phpMyAdmin	2016-06-01
openSUSE	openSUSE-SU-2016:1434-1	phpMyAdmin	2016-05-29
Mageia	MGASA-2016-0211	phpmyadmin	2016-05-29