There are 2 open security issues in buster.
2 issues left for the package maintainer to handle:
- CVE-2020-35572:
(needs triaging)
Adminer through 4.7.8 allows XSS via the history parameter to the default URI.
- CVE-2021-21311:
(needs triaging)
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.
You can find information about how to handle these issues in the security team's documentation.