What is the severity of CVE-2016-2561?

CVE-2016-2561 has a medium severity rating due to its potential for enabling cross-site scripting attacks that may impact the confidentiality and integrity of sensitive data.

How do I fix CVE-2016-2561?

To fix CVE-2016-2561, you should upgrade phpMyAdmin to version 4.4.15.5 or later, or to version 4.5.5.1 or later.

Who is affected by CVE-2016-2561?

CVE-2016-2561 affects users of phpMyAdmin versions 4.4.x prior to 4.4.15.5 and 4.5.x prior to 4.5.5.1.

What types of attacks are possible with CVE-2016-2561?

CVE-2016-2561 allows for remote authenticated users to exploit cross-site scripting vulnerabilities to inject arbitrary web scripts or HTML into a web application.

What are the potential impacts of CVE-2016-2561?

The potential impacts of CVE-2016-2561 include unauthorized access to sensitive data and manipulation of the web application's behavior due to cross-site scripting vulnerabilities.

Vulnerability/
CVE-2016-2561

medium

5.4

CWE

1/3/2016

5/8/2024

CVE-2016-2561: XSS

First published: Tue Mar 01 2016(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3) templates/database/structure/sortable_header.phtml in the database structure page, or (4) the pos parameter to db_central_columns.php in the central columns page.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
phpMyAdmin phpMyAdmin	=4.4.0
phpMyAdmin phpMyAdmin	=4.4.1
phpMyAdmin phpMyAdmin	=4.4.1.1
phpMyAdmin phpMyAdmin	=4.4.2
phpMyAdmin phpMyAdmin	=4.4.3
phpMyAdmin phpMyAdmin	=4.4.4
phpMyAdmin phpMyAdmin	=4.4.5
phpMyAdmin phpMyAdmin	=4.4.6
phpMyAdmin phpMyAdmin	=4.4.6.1
phpMyAdmin phpMyAdmin	=4.4.7
phpMyAdmin phpMyAdmin	=4.4.8
phpMyAdmin phpMyAdmin	=4.4.9
phpMyAdmin phpMyAdmin	=4.4.10
phpMyAdmin phpMyAdmin	=4.4.11
phpMyAdmin phpMyAdmin	=4.4.12
phpMyAdmin phpMyAdmin	=4.4.13
phpMyAdmin phpMyAdmin	=4.4.13.1
phpMyAdmin phpMyAdmin	=4.4.14
phpMyAdmin phpMyAdmin	=4.4.14.1
phpMyAdmin phpMyAdmin	=4.4.15
phpMyAdmin phpMyAdmin	=4.4.15.1
phpMyAdmin phpMyAdmin	=4.4.15.2
phpMyAdmin phpMyAdmin	=4.4.15.3
phpMyAdmin phpMyAdmin	=4.4.15.4
phpMyAdmin phpMyAdmin	=4.5.0
phpMyAdmin phpMyAdmin	=4.5.0-beta1
phpMyAdmin phpMyAdmin	=4.5.0-beta2
phpMyAdmin phpMyAdmin	=4.5.0-rc1
phpMyAdmin phpMyAdmin	=4.5.0.1
phpMyAdmin phpMyAdmin	=4.5.0.2
phpMyAdmin phpMyAdmin	=4.5.1
phpMyAdmin phpMyAdmin	=4.5.2
phpMyAdmin phpMyAdmin	=4.5.3
phpMyAdmin phpMyAdmin	=4.5.3.1
phpMyAdmin phpMyAdmin	=4.5.4
phpMyAdmin phpMyAdmin	=4.5.4.1
phpMyAdmin phpMyAdmin	=4.5.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-2561?
CVE-2016-2561 has a medium severity rating due to its potential for enabling cross-site scripting attacks that may impact the confidentiality and integrity of sensitive data.
How do I fix CVE-2016-2561?
To fix CVE-2016-2561, you should upgrade phpMyAdmin to version 4.4.15.5 or later, or to version 4.5.5.1 or later.
Who is affected by CVE-2016-2561?
CVE-2016-2561 affects users of phpMyAdmin versions 4.4.x prior to 4.4.15.5 and 4.5.x prior to 4.5.5.1.
What types of attacks are possible with CVE-2016-2561?
CVE-2016-2561 allows for remote authenticated users to exploit cross-site scripting vulnerabilities to inject arbitrary web scripts or HTML into a web application.
What are the potential impacts of CVE-2016-2561?
The potential impacts of CVE-2016-2561 include unauthorized access to sensitive data and manipulation of the web application's behavior due to cross-site scripting vulnerabilities.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/remedy
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/phpmyadmin
canonical/phpmyadmin phpmyadmin
version/phpmyadmin phpmyadmin/4.4.0
version/phpmyadmin phpmyadmin/4.4.1
version/phpmyadmin phpmyadmin/4.4.1.1
version/phpmyadmin phpmyadmin/4.4.2
version/phpmyadmin phpmyadmin/4.4.3
version/phpmyadmin phpmyadmin/4.4.4
version/phpmyadmin phpmyadmin/4.4.5
version/phpmyadmin phpmyadmin/4.4.6
version/phpmyadmin phpmyadmin/4.4.6.1
version/phpmyadmin phpmyadmin/4.4.7
version/phpmyadmin phpmyadmin/4.4.8
version/phpmyadmin phpmyadmin/4.4.9
version/phpmyadmin phpmyadmin/4.4.10
version/phpmyadmin phpmyadmin/4.4.11
version/phpmyadmin phpmyadmin/4.4.12
version/phpmyadmin phpmyadmin/4.4.13
version/phpmyadmin phpmyadmin/4.4.13.1
version/phpmyadmin phpmyadmin/4.4.14
version/phpmyadmin phpmyadmin/4.4.14.1
version/phpmyadmin phpmyadmin/4.4.15
version/phpmyadmin phpmyadmin/4.4.15.1
version/phpmyadmin phpmyadmin/4.4.15.2
version/phpmyadmin phpmyadmin/4.4.15.3
version/phpmyadmin phpmyadmin/4.4.15.4
version/phpmyadmin phpmyadmin/4.5.0
version/phpmyadmin phpmyadmin/4.5.0-beta1
version/phpmyadmin phpmyadmin/4.5.0-beta2
version/phpmyadmin phpmyadmin/4.5.0-rc1
version/phpmyadmin phpmyadmin/4.5.0.1
version/phpmyadmin phpmyadmin/4.5.0.2
version/phpmyadmin phpmyadmin/4.5.1
version/phpmyadmin phpmyadmin/4.5.2
version/phpmyadmin phpmyadmin/4.5.3
version/phpmyadmin phpmyadmin/4.5.3.1
version/phpmyadmin phpmyadmin/4.5.4
version/phpmyadmin phpmyadmin/4.5.4.1
version/phpmyadmin phpmyadmin/4.5.5

CVE-2016-2561: XSS

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-2561?

How do I fix CVE-2016-2561?

Who is affected by CVE-2016-2561?

What types of attacks are possible with CVE-2016-2561?

What are the potential impacts of CVE-2016-2561?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-2561?

How do I fix CVE-2016-2561?

Who is affected by CVE-2016-2561?

What types of attacks are possible with CVE-2016-2561?

What are the potential impacts of CVE-2016-2561?