CVE-2025-24529 — Cross-site Scripting in Phpmyadmin

Severity

6.4MEDIUMNVD

EPSS

0.2%

top 60.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJan 23

Description

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:NExploitability: 3.1 | Impact: 2.7

▶debiandebian/phpmyadmin< phpmyadmin 4:5.2.1+dfsg-1+deb12u1 (bookworm)

▶CVEListV5phpmyadmin/phpmyadmin5.0.0 — 5.2.2

▶Debianphpmyadmin/phpmyadmin< 4:5.0.4+dfsg2-2+deb11u2+3

OSV

CVE-2025-24529: An issue was discovered in phpMyAdmin 5↗2025-01-23

▶

GHSA

GHSA-hjg3-5h8c-33gf: An issue was discovered in phpMyAdmin 5↗2025-01-23

▶

Debian

CVE-2025-24529: phpmyadmin - An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has...↗2025

▶