Date: Thu, 16 Mar 2023 19:55:32 GMT From: Florian Smeets <flo@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 3dc24ba81d9c - main - security/vuxml: Document phpmyadmin vulnerabilities Message-ID: <202303161955.32GJtWYh035204@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by flo: URL: https://cgit.FreeBSD.org/ports/commit/?id=3dc24ba81d9c62a8bc71120e24354b79e3867652 commit 3dc24ba81d9c62a8bc71120e24354b79e3867652 Author: Florian Smeets <flo@FreeBSD.org> AuthorDate: 2023-03-16 19:44:47 +0000 Commit: Florian Smeets <flo@FreeBSD.org> CommitDate: 2023-03-16 19:44:47 +0000 security/vuxml: Document phpmyadmin vulnerabilities --- security/vuxml/vuln/2023.xml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 632fba0a9f9c..e4c39fc773e0 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,36 @@ + <vuln vid="72583cb3-a7f9-11ed-bd9e-589cfc0f81b0"> + <topic>phpMyAdmin -- XSS vulnerability in drag-and-drop upload</topic> + <affects> + <package> + <name>phpMyAdmin</name> + <name>phpMyAdmin-php80</name> + <name>phpMyAdmin-php81</name> + <name>phpMyAdmin-php82</name> + <name>phpMyAdmin5</name> + <name>phpMyAdmin5-php80</name> + <name>phpMyAdmin5-php81</name> + <name>phpMyAdmin5-php82</name> + <range><lt>4.9.11</lt></range> + <range><ge>5.0</ge><lt>5.2.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>phpMyAdmin Team reports:</p> + <blockquote cite="https://www.phpmyadmin.net/news/2023/2/8/phpmyadmin-4911-and-521-are-released/"> + <p>PMASA-2023-1 XSS vulnerability in drag-and-drop upload</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.phpmyadmin.net/security/PMASA-2023-1/</url> + </references> + <dates> + <discovery>2023-02-07</discovery> + <entry>2023-03-16</entry> + </dates> + </vuln> + <vuln vid="8edeb3c1-bfe7-11ed-96f5-3497f65b111b"> <topic>Apache httpd -- Multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202303161955.32GJtWYh035204>