Description
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.
Remediation
References
Related Vulnerabilities
Moodle Credentials Management Errors Vulnerability (CVE-2012-0794)
WordPress Plugin GS Products Slider for WooCommerce Cross-Site Scripting (1.5.8)
PleskLin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-24044)
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.51)
WordPress Plugin SP Project & Document Manager Multiple Vulnerabilities (2.5.9.7)