Description
Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2014-0117)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4588)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3383)
Envoy Proxy Integer Underflow (Wrap or Wraparound) Vulnerability (CVE-2024-32975)