Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Enhanced Plugin Admin Cross-Site Scripting (1.15)
WordPress Plugin Travel Management Privilege Escalation (1.5)
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)
WordPress Plugin Supafolio Multiple Unspecified Vulnerabilities (2.1.0)
WordPress Plugin WooCommerce OpenPOS Arbitrary File Deletion (6.4.4)