Description
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Nofollow Links Cross-Site Scripting (1.0.10)
WordPress Plugin Booking Calendar SQL Injection (6.2.2)
WordPress Plugin Livefyre Comments 3 Cross-Site Scripting (4.1.4)
SharePoint CVE-2020-1205 Vulnerability (CVE-2020-1205)
WordPress Plugin Post to CSV by BestWebSoft Cross-Site Scripting (1.3.0)