Vulnerability	Vulnerable Version
C Remote Code Execution (RCE) pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Remote Code Execution (RCE) in the Cloud Deployment with Google Provider module, which is accessible via the `high_availability` parameter to the `/deploy` endpoint and in the Query Tool interface, which is accessible via the `query_commited` parameter to the `/download` endpoint. An attacker can execute arbitrary commands with the privileges of the application user. How to fix Remote Code Execution (RCE)? Upgrade `pgadmin4` to version 9.2 or higher.	[,9.2)
M Cross-site Scripting (XSS) pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the `measureText()` function, accessible via the Query Tool interface. An attacker can inject malicious scripts into the displayed output. How to fix Cross-site Scripting (XSS)? Upgrade `pgadmin4` to version 9.2 or higher.	[,9.2)
H Information Exposure pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Information Exposure due to improper handling of OAuth2 authentication credentials. How to fix Information Exposure? Upgrade `pgadmin4` to version 8.12 or higher.	[,8.12)

Go back to all versions of this package