-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| phpmyadmin/phpmyadmin | composer | >= 3.5, < 3.5.8.2 | 3.5.8.2 |
Miggo AIRoot Cause AnalysisThe vulnerability description explicitly identifies two vectors: 1) anchor handling in setup/index.php and 2) chartTitle rendering. Both involve unescaped user-controlled input being embedded in HTML contexts. The PHPMyAdmin advisory confirms these are server-side XSS issues requiring user interaction with crafted values. While exact function names aren't provided in available resources, the file paths and component responsibilities (setup/index.php page anchor handling and chart rendering) are clearly implicated by the vulnerability description and advisory details.