phpmyadmin: fix CVE-2023-25727 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Dragos-Marian Panait <dragos.panait@windriver.com>	2023-03-24 07:49:56 -0700
committer	Armin Kuster <akuster808@gmail.com>	2023-04-04 09:04:49 -0400
commit	99047e44ce4ecdf57222b73eb9381ba9d554e2fa (patch)
tree	5c39fc7262eec00fc3ef656308b3d7fcc8fb0f4a /meta-initramfs
parent	496d23c0fcef9d69b6d657b751515fd76820ee48 (diff)
download	meta-openembedded-99047e44ce4ecdf57222b73eb9381ba9d554e2fa.tar.gz

phpmyadmin: fix CVE-2023-25727

In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-25727 Upstream patch: https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-initramfs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: