Description

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Remediation

References

CVE-2022-23808

Related Vulnerabilities

Ruby Cryptographic Issues Vulnerability (CVE-2013-4363)

WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7)

Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-23500)

WordPress Plugin SP Project & Document Manager Unspecified Vulnerability (2.6.2.5)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7854)

Severity

Medium

Classification

CVE-2022-23808 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities