Description
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
Remediation
References
Related Vulnerabilities
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8)
Joomla! Core 3.9.x Remote Code Execution (3.9.7 - 3.9.8)
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-4974)
WordPress Plugin WP DSGVO Tools (GDPR) PHP Object Injection (2.0.4)