Description
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
Remediation
References
Related Vulnerabilities
WordPress Plugin PhotoXhibit Multiple Cross-Site Scripting Vulnerabilities (2.1.8)
WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)
WordPress Plugin MM Duplicate 'index.php' SQL Injection (1.2)
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-20412)
WordPress Improper Authentication Vulnerability (CVE-2022-43504)