phpmyadmin sårbarhed er ikke en risiko med cPanel

Sunday, December 16, 2018

Vi er opmærksomme på at flere nyhedsmedier skriver om de nye sårbarheder i nuværende phpmyadmin.

Men da vores cPanel udgave af PHPMyAdmin kun kan tilgås indefra via CPANEL, så er denne sårbarhed ikke et problem hos os.

Her er den officielle udmelding fra CPANEL:

"When accessed through cPanel or Web Host Manager, phpMyAdmin is protected against CSRF/XSRF vulnerabilities like the ones referenced in the security report you provided. You can read about Security Tokens in our documentation for more information about this protection.


That said, we aim to publish updates of this nature for software included with cPanel & WHM as soon as possible. Internal case CPANEL-24366 is open to include phpMyAdmin version 4.8.4 with cPanel & WHM. I'll monitor the case and update this thread with more information on the status of it's implementation as it becomes available."

« Back