phpmyadmin is vulnerable to cross-site scripting (XSS). The attack exists because the database\table names in navigation tree are not properly escaped and allows a remote attacker to inject arbitrary Javascript into a victim’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
phpmyadmin/phpmyadmin | le | 4.8.3 |