Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MySQL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2008-4456 - Vulnerability Database
MySQL

MySQL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2008-4456

Low
Reference: CVE-2008-4456
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-4456
Title: MySQL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45 and other versions including versions later than 5.0.45 when the --html option is enabled allows attackers to inject arbitrary web script or HTML by placing it in a database cell which might be accessed by this client when composing an HTML document. NOTE: as of 20081031 the issue has not been fixed in MySQL 5.0.67.