Ubuntu
phpliteadmin package

Bug #1964710
Comment #6

Comment 6 for bug 1964710

Revision history for this message

Nicholas Guriev (mymedia) wrote on 2022-05-22: Re: [Bug 1964710] Re: XSS vulnerability in row_create

phpliteadmin_1.9.7.1-1ubuntu0.2.debdiff Edit (2.5 KiB, text/x-patch; name="phpliteadmin_1.9.7.1-1ubuntu0.2.debdiff"; charset="UTF-8")

Hello! I have tested the fixes in a virtual machine and here are the
results.

Current version in Impish does not work at all and
1.9.8.2-1ubuntu0.21.10.1 version fixes the problems and is not
vulnerable to the XSS in the newRows parameter. 👍

Current version for Focal is vulnerable and 1.9.8.2-1ubuntu0.20.04.1
fixes the issue. 👍

Although, version in Bionic 1.9.7.1-1ubuntu0.1 has the XSS flaw though
the POST parameter 'num', it is hardly exploitable because of CSRF
protection. An attacker needs to know somehow a token before he could
inject malicious code. In fact, I found other problem with the current
version, the file /etc/apache/conf-available/phpliteadmin.conf contains
"Depends: php7.0" magic comment that is blocking it from automatic
activation by the postinst script. It would be great to replace digit
7.0 with 7.2. Since the original issue is mitigated, let me propose one
more one-liner fix. 🤔

Ubuntuphpliteadmin package

Comment 6 for bug 1964710

Ubuntu
phpliteadmin package