phpmyadmin is vulnerable to cross-site scripting (XSS) attacks. A malicious user can use the database variable to inject and execute arbitrary Javascript when the database variable is called through the designer feature.
CPE | Name | Operator | Version |
---|---|---|---|
phpmyadmin/phpmyadmin | le | 4.8.1 |