Description
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.
Remediation
References
Related Vulnerabilities
ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)
WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3)
Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-1433)
WordPress Plugin Lingotek Translation Multiple Cross-Site Scripting Vulnerabilities (1.1.8)