Description

An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Remediation

References

CVE-2016-9848

Related Vulnerabilities

Moodle CVE-2019-3852 Vulnerability (CVE-2019-3852)

WordPress Plugin Stop Spammers Security-Block Spam Users, Comments, Forms Cross-Site Scripting (2021.8)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10402)

WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5)

Oracle Database Server CVE-2011-0838 Vulnerability (CVE-2011-0838)

Severity

Medium

Classification

CVE-2016-9848 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities