Vulnerabilities > CVE-2025-2946 - Unspecified vulnerability in Pgadmin 4

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

pgadmin

NVD

Published: 2025-04-03

Updated: 2025-04-23

Summary

pgAdmin <= 9.1 is affected by a security vulnerability with Cross-Site Scripting(XSS). If attackers execute any arbitrary HTML/JavaScript in a user's browser through query result rendering, then HTML/JavaScript runs on the browser.

Vulnerable Configurations

Part	Description	Count
Application	Pgadmin Pgadmin Pgadmin 4 - Pgadmin Pgadmin 4 1.0 Pgadmin Pgadmin 4 1.1 Pgadmin Pgadmin 4 1.2 Pgadmin Pgadmin 4 1.3 Pgadmin Pgadmin 4 1.4 Pgadmin Pgadmin 4 1.5 Pgadmin Pgadmin 4 1.6 Pgadmin Pgadmin 4 2.0 Pgadmin Pgadmin 4 2.1 Pgadmin Pgadmin 4 3.0 Pgadmin Pgadmin 4 3.1 Pgadmin Pgadmin 4 3.2 Pgadmin Pgadmin 4 3.3 Pgadmin Pgadmin 4 3.4 Pgadmin Pgadmin 4 3.5 Pgadmin Pgadmin 4 3.6 Pgadmin Pgadmin 4 4.0 Pgadmin Pgadmin 4 4.1 Pgadmin Pgadmin 4 4.2 Pgadmin Pgadmin 4 4.3 Pgadmin Pgadmin 4 4.4 Pgadmin Pgadmin 4 4.5 Pgadmin Pgadmin 4 4.6 Pgadmin Pgadmin 4 4.7 Pgadmin Pgadmin 4 4.8 Pgadmin Pgadmin 4 4.9 Pgadmin Pgadmin 4 4.10 Pgadmin Pgadmin 4 4.11 Pgadmin Pgadmin 4 4.12 Pgadmin Pgadmin 4 4.13 Pgadmin Pgadmin 4 4.14 Pgadmin Pgadmin 4 4.15 Pgadmin Pgadmin 4 4.16 Pgadmin Pgadmin 4 4.17 Pgadmin Pgadmin 4 4.18 Pgadmin Pgadmin 4 4.19 Pgadmin Pgadmin 4 4.20 Pgadmin Pgadmin 4 4.21 Pgadmin Pgadmin 4 4.22 Pgadmin Pgadmin 4 4.23 Pgadmin Pgadmin 4 4.24 Pgadmin Pgadmin 4 4.25 Pgadmin Pgadmin 4 4.26 Pgadmin Pgadmin 4 4.27 Pgadmin Pgadmin 4 4.28 Pgadmin Pgadmin 4 4.29 Pgadmin Pgadmin 4 4.30 Pgadmin Pgadmin 4 5.0 Pgadmin Pgadmin 4 5.1 Pgadmin Pgadmin 4 5.2 Pgadmin Pgadmin 4 5.3 Pgadmin Pgadmin 4 5.4 Pgadmin Pgadmin 4 5.5 Pgadmin Pgadmin 4 5.6 Pgadmin Pgadmin 4 5.7 Pgadmin Pgadmin 4 6.0 Pgadmin Pgadmin 4 6.1 Pgadmin Pgadmin 4 6.2 Pgadmin Pgadmin 4 6.3 Pgadmin Pgadmin 4 6.4 Pgadmin Pgadmin 4 6.5 Pgadmin Pgadmin 4 6.6 Pgadmin Pgadmin 4 6.7 Pgadmin Pgadmin 4 6.8 Pgadmin Pgadmin 4 6.9 Pgadmin Pgadmin 4 6.10 Pgadmin Pgadmin 4 6.11 Pgadmin Pgadmin 4 6.12 Pgadmin Pgadmin 4 6.13 Pgadmin Pgadmin 4 6.14 Pgadmin Pgadmin 4 6.15 Pgadmin Pgadmin 4 6.16 Pgadmin Pgadmin 4 6.17 Pgadmin Pgadmin 4 6.18 Pgadmin Pgadmin 4 6.19 Pgadmin Pgadmin 4 6.20 Pgadmin Pgadmin 4 6.21 Pgadmin Pgadmin 4 7.0 Pgadmin Pgadmin 4 7.1 Pgadmin Pgadmin 4 7.2 Pgadmin Pgadmin 4 7.3 Pgadmin Pgadmin 4 7.4 Pgadmin Pgadmin 4 7.5 Pgadmin Pgadmin 4 7.6 Pgadmin Pgadmin 4 7.7 Pgadmin Pgadmin 4 7.8 Pgadmin Pgadmin 4 8.0 Pgadmin Pgadmin 4 8.1 Pgadmin Pgadmin 4 8.2 Pgadmin Pgadmin 4 8.3 Pgadmin Pgadmin 4 8.4 Pgadmin Pgadmin 4 8.5 Pgadmin Pgadmin 4 8.6 Pgadmin Pgadmin 4 8.7 Pgadmin Pgadmin 4 8.8 Pgadmin Pgadmin 4 8.9 Pgadmin Pgadmin 4 8.10 Pgadmin Pgadmin 4 8.11 Pgadmin Pgadmin 4 8.12 Pgadmin Pgadmin 4 8.13 Pgadmin Pgadmin 4 8.14 Pgadmin Pgadmin 4 9.0	110

References

https://github.com/pgadmin-org/pgadmin4/issues/8602