Description
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2015-2629 Vulnerability (CVE-2015-2629)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2402)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.5)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.26)
WordPress Plugin Terillion Reviews Profile Id Cross-Site Scripting (1.1)