Arbitrary web script injection vulnerability in phpMyAdmin OpenID error message handling

Arbitrary web script injection vulnerability in phpMyAdmin OpenID error message handling

CVE-2016-5731 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.

Learn more about our Web App Pen Testing.