phpMyAdmin -- Multiple XSS

2011-11-24T00:00:00
ID ED536336-1C57-11E1-86F4-E0CB4E266481
Type freebsd
Reporter FreeBSD
Modified 2011-11-24T00:00:00

Description

The phpMyAdmin development team reports:

Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.