Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an anchor identifier to setup/index.php or (2) a chartTitle (aka chart title) value.
Remediation
References
Related Vulnerabilities
TYPO3 Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-9508)
MySQL CVE-2019-2539 Vulnerability (CVE-2019-2539)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2023-39456)
WordPress Plugin Read and Understood Multiple Vulnerabilities (2.1)
WordPress Plugin WP DSGVO Tools (GDPR) Unspecified Vulnerability (3.1.26)