phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-12581 - Vulnerability Database

phpMyAdmin

phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-12581

Medium

Reference: CVE-2018-12581

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12581

Title: phpMyAdmin Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature.