{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2014-12-26T02:59:05Z",
  "id": "CVE-2011-3591",
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php"
    },
    {
      "type": "FIX",
      "url": "https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=738681"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/09/30/8"
    }
  ]
}