XSS Vulnerability in phpMyAdmin Navigation Tree via Crafted Database/Table Name

CVE-2018-19970 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

Learn more about our User Device Pen Test.