Description
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
Remediation
References
Related Vulnerabilities
e107 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-16388)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0018)
WordPress Plugin CYSTEME Finder, the admin files explorer Cross-Site Request Forgery (1.4)
WordPress Plugin Events Made Easy PHP Object Injection (2.0.52)