Description
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server Other Vulnerability (CVE-2002-1138)
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)
WordPress Plugin Highlight Cross-Site Scripting (0.9.2)
Oracle Application Server Credentials Management Errors Vulnerability (CVE-2002-2345)
MediaWiki Incorrect Authorization Vulnerability (CVE-2023-22945)