Description
An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
Remediation
References
Related Vulnerabilities
WordPress 5.1.x Cross-Site Request Forgery (5.1)
XWiki Improper Authentication Vulnerability (CVE-2022-36092)
WordPress Plugin Occasions Cross-Site Request Forgery (1.0.4)
WordPress Plugin CloudFlare Multiple Cross-Site Scripting Vulnerabilities (1.3.20)
ProjectSend Improper Input Validation Vulnerability (CVE-2017-9741)