Description

XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.

Remediation

References

CVE-2016-6615

Related Vulnerabilities

WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.2.25)

WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.0.6)

WordPress Plugin Flog Cross-Site Scripting (0.1)

MySQL CVE-2018-2766 Vulnerability (CVE-2018-2766)

WordPress Plugin Thrive Headline Optimizer Security Bypass (1.3.7.2)

Severity

Medium

Classification

CVE-2016-6615 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities