CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-24530: An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or...

6.4 CVSS

Description

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.

Classification

CVE ID: CVE-2025-24530

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.4

Affected Products

Vendor: phpMyAdmin

Product: phpMyAdmin

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-21 (when was this score calculated)

References

https://www.phpmyadmin.net/security/PMASA-2025-1/

Timeline

2025-01-23 18:15:20 UTC
Github Advisory Database (Composer)

[phpmyadmin/phpmyadmin] phpMyAdmin XSS when checking tables
2025-01-24 00:31:05 UTC
CVE

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or...