CVE-2016-2040

Priority
Description
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x
before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow
remote authenticated users to inject arbitrary web script or HTML via a (1)
table name, (2) SET value, (3) search query, or (4) hostname in a Location
header.
Notes
More Information

Updated: 2020-07-28 18:34:04 UTC (commit 7b6828437fde0509248708fcdb5b0f7587b85bd1)