Description

Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.

Remediation

References

CVE-2016-5099

Related Vulnerabilities

WordPress Plugin WP Responsive Testimonials Slider And Widget Cross-Site Scripting (1.5)

WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)

WordPress Plugin HTML5 Maps Cross-Site Request Forgery (1.6.5.6)

PHP CVE-2004-1063 Vulnerability (CVE-2004-1063)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17300)

Severity

Medium

Classification

CVE-2016-5099 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities