Description

phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.

Remediation

References

CVE-2008-3456

Related Vulnerabilities

WordPress Plugin WordPress Books Gallery Unspecified Vulnerability (4.4.1)

Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)

WordPress Plugin LazyEater Multiple Unspecified Vulnerabilities (1.2.4)

Elgg Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2935)

WordPress Plugin bizzCam Video Cross-Site Scripting (0.1)

Severity

Medium

Classification

CVE-2008-3456 CWE-59

Tags

Missing Update Known Vulnerabilities