Multiple XSS vulnerabilities
Multiple XSS vulnerabilities were found in the following areas:
We consider this vulnerability to be non-critical.
All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 220.127.116.11) are affected
Upgrade to phpMyAdmin 4.6.4, 18.104.22.168, or newer or apply patch listed below.
Thanks to Emanuel Bronshtein @e3amn2l for reporting this vulnerability.
Assigned CVE ids: CVE-2016-6615
CWE ids: CWE-661
The following commits have been made on the 4.4 branch to fix this issue:
The following commits have been made on the 4.6 branch to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.