Description

Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request.

Remediation

References

CVE-2010-4329

Related Vulnerabilities

Oracle Database Server CVE-2018-2939 Vulnerability (CVE-2018-2939)

MySQL CVE-2020-14866 Vulnerability (CVE-2020-14866)

OpenSSL Out-of-bounds Write Vulnerability (CVE-2023-6129)

WordPress Plugin WooCommerce-Store Exporter Privilege Escalation (1.8.3)

Jenkins Other Vulnerability (CVE-2022-2048)

Severity

Medium

Classification

CVE-2010-4329 CWE-707

Tags

Missing Update Known Vulnerabilities