XSS Vulnerability in phpMyAdmin: Improper Fix for CVE-2016-2559 in PMASA-2016-10

CVE-2016-9856 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An XSS issue was discovered in phpMyAdmin because of an improper fix for CVE-2016-2559 in PMASA-2016-10. This issue is resolved by using a copy of a hash to avoid a race condition. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Learn more about our Web Application Penetration Testing UK.