Description
Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is "not exploitable.
Remediation
References
Related Vulnerabilities
Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )
Moodle Improper Authorization Vulnerability (CVE-2019-14828)
Python Resource Management Errors Vulnerability (CVE-2011-1521)
WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.7.0 - 3.9.19)