Description
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.51)
WordPress Plugin MapPress Maps for WordPress Cross-Site Request Forgery (2.53.8)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35611)