CVE-2008-4456 in MySQLinfo

Summary

Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

10/06/2008

Disclosure

10/06/2008

Moderation

VulDB entry created

Entries

VDB-44358 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

Exploit

Download

CVSS

4.3

EPSS

0.06318

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4456
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4456
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4456/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!