NuytsTech Security

CVE-2010-4480

by ·

error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as demonstrated using "[a@url@page]".

Date published : 2010-12-08

http://www.securityfocus.com/bid/45633

http://www.phpmyadmin.net/home_page/security/PMASA-2010-9.php

Tags: