Description
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
Remediation
References
Related Vulnerabilities
WordPress Plugin Booster for WooCommerce PHP Object Injection (3.0.1)
WordPress Plugin Category Grid View Gallery TimThumb Arbitrary File Upload (0.1.1)
WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0734)