Description

An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim.

Remediation

References

CVE-2019-12616

Related Vulnerabilities

Perl Out-of-bounds Write Vulnerability (CVE-2022-48522)

MySQL CVE-2017-3291 Vulnerability (CVE-2017-3291)

IBM WebSEAL Incorrect Default Permissions Vulnerability (CVE-2023-38370)

WordPress Plugin RSS Post Importer Cross-Site Scripting (2.2.1)

Joomla! Core 1.0.x Unspecified Vulnerability (1.0.0 - 1.0.3)

Severity

Medium

Classification

CVE-2019-12616 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities