Phpmyadmin : Security vulnerabilities, CVEs csrf, cross site request forgery published in 2014

CVE-2014-6300

Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js.

Max CVSS

4.3

EPSS Score

0.23%

Published

2014-11-08

Updated

2018-10-30

1 vulnerabilities found

Phpmyadmin : Security Vulnerabilities, CVEs, Published In 2014 (CSRF)

CVE-2014-6300