We received a security advisory from Stefan Esser (email@example.com) and we wish to thank him for his work. It was possible to produce XSS via a special URL containing UTF-7 codes
We consider this vulnerability to be serious.
2.6.4 to 220.127.116.11.
Upgrade to phpMyAdmin 18.104.22.168 or newer.
Assigned CVE ids: CVE-2006-5718
The following commits have been made to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.