Description
An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected.
Remediation
References
Related Vulnerabilities
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-7902)
WordPress Plugin Simply Instagram Cross-Site Scripting (1.2.6)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (2.4.2)
Oracle Application Server Other Vulnerability (CVE-2007-2119)
Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1614)