Description

Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters.

Remediation

References

CVE-2016-5732

Related Vulnerabilities

WordPress Plugin Admin Custom Login Cross-Site Scripting (2.5.3.1)

Play Framework Out-of-bounds Write Vulnerability (CVE-2020-27196)

Internet Information Services Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-1999-0861)

Mailman Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-2775)

WordPress Plugin Jock on air now Cross-Site Scripting (5.6.2)

Severity

Medium

Classification

CVE-2016-5732 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities