197575 CVE-2007-5728 2007-10-31 00:42 0000 dev-db/phppgadmin <= 4.1.2 login.php XSS (CVE-2007-5728) 2007-11-15 02:23:18 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://secunia.com/advisories/25446/ B4 [noglsa] P2 minor --- 1 rbu@gentoo.org security@gentoo.org pgsql-bugs@gentoo.org web-apps@gentoo.org rbu@gentoo.org 2007-10-31 00:42:11 0000 CVE-2007-5728 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5728): Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865. rbu@gentoo.org 2007-10-31 00:45:26 0000 Seems the fix from bug 180133 did not completely clean this, the Secunia advisory is updated to show 4.1.2 vulnerable. Web-Apps and Postgres, please advise. wrobel@gentoo.org 2007-10-31 04:55:09 0000 4.1.3 has been in the tree for a while and should be stabilized then. Targets: amd64 hppa ppc sparc x86 jer@gentoo.org 2007-10-31 05:23:14 0000 Stable for HPPA. maekke@gentoo.org 2007-11-01 12:35:54 0000 x86 stable armin76@gentoo.org 2007-11-05 15:52:19 0000 sparc stable dertobi123@gentoo.org 2007-11-06 18:04:04 0000 ppc stable astinus@gentoo.org 2007-11-14 03:04:39 0000 Stable on AMD64 :) rbu@gentoo.org 2007-11-14 17:42:47 0000 GLSA vote. I vote NO. py@gentoo.org 2007-11-14 19:56:26 0000 no too and closing.