Summary: | <dev-db/phppgadmin-5.0.3 Multiple Cross-Site Scripting Vulnerabilities (CVE-2011-3598) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | pgsql-bugs, web-apps |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/46248/ | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2011-10-03 13:53:53 UTC
Ebuild added to CVS. Thanks Tim. Arches, please test and mark stable: =dev-db/phppgadmin-5.0.3 target KEYWORDS : "amd64 hppa ppc x86" x86 stable. looks perfect also on a server amd64 ok amd64: pass Stable for HPPA. amd64 done. Thanks Agostino and Elijah CVE-2011-3598 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3598): Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php. ppc stable, last arch done Closing noglsa. Please remove vulnerable versions from the tree. |