CVE-2013-4996

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted database name, 2 a crafted user name, 3 a crafted logo URL in the navigation panel, 4 a...