Description

An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.

Remediation

References

CVE-2016-9857

Related Vulnerabilities

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0441)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0790)

Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14233)

WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (4.0.7)

MySQL CVE-2019-2997 Vulnerability (CVE-2019-2997)

Severity

Medium

Classification

CVE-2016-9857 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities