CVE-2016-1000373
CVE-2016-9866 concerns phpMyAdmin and describes that when the arg_separator is not the default “&”, the CSRF token is not properly stripped from the return URL of the preference import action. Affected releases include 4.6.x prior to 4.6.5, 4.4.x prior to 4.4.15.9, and 4.0.x prior to 4.0.10.18. T...