Description

Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.

Remediation

References

CVE-2016-5099

Related Vulnerabilities

WordPress Plugin My Tickets Cross-Site Request Forgery (1.9.10)

WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)

Python Integer Overflow or Wraparound Vulnerability (CVE-2015-1283)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.4)

YetiForce CRM Improper Input Validation Vulnerability (CVE-2021-4117)

Severity

Medium

Classification

CVE-2016-5099 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities