In association with heise online

22 December 2011, 11:10

phpMyAdmin 3.4.9 fixes XSS vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

phpMyAdmin logo Version 3.4.9 of phpMyAdmin has been released, closing two security holes in the open source database administration tool. The update fixes vulnerabilities in the phpMyAdmin setup interface and the export panels in the server, database and table sections that could be exploited for cross-site scripting (XSS) attacks.

All 3.4.x versions up to and including 3.4.8 are affected – upgrading to 3.4.9 corrects the issues. Alternatively, patches are provided. The new release also fixes nine other bugs related to navigation, the user interface and the edit functionality.

A full list of changes can be found in the release notes and in the project's security advisories. Version 3.4.9 of phpMyAdmin is available to download from the project's site. Hosted on SourceForge, phpMyAdmin source code is licensed under the GPLv2.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1400135
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit