Description

Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Remediation

References

CVE-2014-9219

Related Vulnerabilities

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)

WordPress Plugin iSlidex TimThumb Arbitrary File Upload (2.7)

WordPress Plugin Community Events SQL Injection (1.3.5)

WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.9.2)

Severity

Medium

Classification

CVE-2014-9219 CWE-707

Tags

Missing Update Known Vulnerabilities