Description

Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.

Remediation

References

CVE-2016-5099

Related Vulnerabilities

WordPress Plugin Staff Directory:Company Directory Cross-Site Request Forgery (3.6)

WordPress Plugin Malware Scanner Unspecified Vulnerability (4.7.3)

Dotclear Other Vulnerability (CVE-2007-3688)

WordPress Plugin AmazonFeed Cross-Site Scripting (2.1)

Moodle Improper Privilege Management Vulnerability (CVE-2023-5549)

Severity

Medium

Classification

CVE-2016-5099 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities