CVE-2011-3598
EPSS 0.71%
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.
How to fix CVE-2011-3598
To remediate CVE-2011-3598, upgrade the affected package to a fixed version below.
- Debian/phppgadmin—upgrade to 5.0.3-1 or later
Is CVE-2011-3598 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.0.3-1