VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-qfq1-gecz-cuf1

Essentials
Severities (36)
References (9)
Severity details (7)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-qfq1-gecz-cuf1
Aliases	CVE-2011-3591 GHSA-3p87-w3c5-27gf
Summary	phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) `js/functions.js` and (2) `js/tbl_structure.js`.
Status	Published
Exploitability	0.5
Weighted Severity	2.7
Risk	1.4
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
epss	0.0018	https://api.first.org/data/v1/epss?cve=CVE-2011-3591
generic_textual	LOW	https://bugzilla.redhat.com/show_bug.cgi?id=738681
cvssv3.1_qr	LOW	https://github.com/advisories/GHSA-3p87-w3c5-27gf
generic_textual	LOW	https://github.com/phpmyadmin/composer
generic_textual	LOW	https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
generic_textual	LOW	https://nvd.nist.gov/vuln/detail/CVE-2011-3591
generic_textual	LOW	http://www.openwall.com/lists/oss-security/2011/09/30/8
generic_textual	LOW	http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2011-3591
		https://bugzilla.redhat.com/show_bug.cgi?id=738681
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3591
		https://github.com/phpmyadmin/composer
		https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170
		https://nvd.nist.gov/vuln/detail/CVE-2011-3591
		http://www.openwall.com/lists/oss-security/2011/09/30/8
		http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
GHSA-3p87-w3c5-27gf		https://github.com/advisories/GHSA-3p87-w3c5-27gf

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.40077
EPSS Score	0.0018
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:16:25.259102+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3p87-w3c5-27gf/GHSA-3p87-w3c5-27gf.json	37.0.0