CVE-2012-5368

phpMyAdmin <3.5.3 - XSS

Title source: llm

Description

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code.

References (5)

Scores

EPSS 0.0051
EPSS Percentile 66.1%

Details

CWE
CWE-79
Status published
Products (7)
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin
phpmyadmin/phpmyadmin < 3.5.3Packagist
n/a/n/a
Published Oct 25, 2012
Tracked Since Feb 18, 2026