All errata/sisyphus/ALT-PU-2014-2138-2
ALT-PU-2014-2138-2

Package update phpMyAdmin in branch sisyphus

Version4.2.8.1-alt1
Task#130195
Published2026-02-04
Max severityMEDIUM
Severity:

Closed issues (2)

CVE-2014-6300
MEDIUM4.3

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

Published: 2014-11-08Modified: 2025-04-12
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
References
GHSA-6wfj-2mw7-p5cg
NONE

phpMyAdmin micro history Implementation XSS Vulnerability

Published: 2022-05-14Modified: 2023-08-16
References