FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- Unsafe generation of XSRF/CSRF token

Affected packages
4.5.0 <= phpmyadmin < 4.5.4


VuXML ID 60ab0e93-c60b-11e5-bf36-6805ca0b3d42
Discovery 2016-01-28
Entry 2016-01-28

The phpMyAdmin development team reports:

The XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values.

We consider this vulnerability to be non-critical.


CVE Name CVE-2016-2039