Description
Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response.
Remediation
References
Related Vulnerabilities
WordPress Plugin Re-attacher by BestWebSoft Cross-Site Scripting (1.0.8)
WordPress Plugin Xllentech English Islamic Calendar SQL Injection (2.6.7)
WordPress Plugin GamePress-The Game Database Cross-Site Scripting (1.1.0)
Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)