phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack) GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack) Relation view the following Transformations: Formatted Imagelink JPEG: Upload RegexValidation JPEG inline PNG inline and transformation wrapper XML export MediaWiki export Designer When the MySQL server is running with a specially-crafted log_bin directive Database tab Replication feature and Database search. All 4.6.x versions (prior to 4.6.4) 4.4.x versions (prior to 4.4.15.8) and 4.0.x versions (prior to 4.0.10.17) are affected.