Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action.
Remediation
References
Related Vulnerabilities
WordPress Plugin Jekyll Exporter Remote Code Execution (2.2.0)
WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)
WordPress Plugin Events Manager Unspecified Vulnerability (5.5.5)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-1468)