BIT-phpmyadmin-2022-23808

BIT-phpmyadmin-2022-23808 PUBLISHED CVSS 6.099999904632568 MEDIUM

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Bitnami	phpmyadmin	5.1.0, 5.1.0, 5.1.0

Exploit Intelligence

phpMyAdmin XSS (github-poc-repo)
phpMyAdmin XSS (github-poc)
web_poc_map_v2.yaml (github-poc)
Nuclei Template: CVE-2022-23808 (nuclei-template)

Timeline

Mar 6, 2024 CVE Published
Apr 3, 2025 CVE Updated

References

https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97 url
https://security.gentoo.org/glsa/202311-17 url
https://www.phpmyadmin.net/security/PMASA-2022-2/ url
https://nvd.nist.gov/vuln/detail/CVE-2022-23808 url

Open in Interactive Console →