Upstream information

CVE-2018-15605 at MITRE

Description

An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 1105726 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 12
  • phpMyAdmin >= 4.8.3-29.1
Patchnames:
openSUSE-2018-939
openSUSE Leap 15.0
  • phpMyAdmin >= 4.8.3-lp150.2.9.1
Patchnames:
openSUSE-2018-939
openSUSE Leap 42.3
  • phpMyAdmin >= 4.8.3-21.1
Patchnames:
openSUSE-2018-939