Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x prior to 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin 4.2.2 |
||
phpmyadmin phpmyadmin 4.2.3 |
||
phpmyadmin phpmyadmin 4.2.4 |
||
phpmyadmin phpmyadmin 4.2.5 |
||
phpmyadmin phpmyadmin 4.2.1 |
||
phpmyadmin phpmyadmin 4.2.0 |