DescriptionAn issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database|
- openSUSE-SU-2018:1806-1, published Sat, 23 Jun 2018 15:08:44 +0200 (CEST)
- openSUSE-SU-2018:1809-1, published Sat, 23 Jun 2018 15:10:01 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub for SUSE Linux Enterprise 12|| ||Patchnames:
|openSUSE Leap 15.0|| ||Patchnames:
|openSUSE Leap 42.3|| ||Patchnames: