Announcement-ID: PMASA-2014-6

Date: 2014-07-17

Summary:

Multiple XSS in AJAX confirmation messages.

Description:

With a crafted column name it is possible to trigger an XSS when dropping the column in the table structure page. With a crafted table name it is possible to trigger an XSS when dropping or truncating the table in the table operations page.

Severity:

We consider this vulnerability to be non-critical.

Mitigation factor:

This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required pages.

Affected Versions:

Versions 4.0.x (prior to 4.0.10.1), 4.1.x (prior to 4.1.14.2) and 4.2.x (prior to 4.2.6) are affected.

Solution:

Upgrade to phpMyAdmin 4.0.10.1 or newer, or 4.1.14.2 or newer, or 4.2.6 or newer, or apply the patch listed below.

References:

- Assigned CVE ids: CVE-2014-4986
- CWE ids: CWE-661 CWE-79

Patches:

- 29a1f56495a7d1d98da31a614f23c0819a606a4d
- a92753bd65e1f8b72c46ed3dda6c362628e0daf7 (4.0 branch)
- cd5697027a2ee7e1f7d7000b23be6051cdb0516c (4.1 branch)
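The bug class behind this advisory, as an added illustration that is not phpMyAdmin's code and does not reproduce its actual patch: a schema identifier (a column name, which any user able to create or rename columns controls) is interpolated into an AJAX confirmation message that the page later renders as HTML. The function names and the constructed column name are hypothetical; the hardened builder escapes the identifier before it reaches the HTML sink.

```javascript
// Added example, not code from phpMyAdmin. Function names are hypothetical.

// Constructed test value: a column name carrying markup, as a crafted name would.
const CRAFTED_COLUMN_NAME = 'price<img src=x onerror=alert(1)>';

// Escape the characters that change meaning in HTML text and attribute contexts.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// VULNERABLE pattern: the column name is concatenated into an HTML fragment that is
// later handed to an HTML sink (innerHTML / jQuery .html()), so markup in the name
// is parsed as markup and any event handler it carries runs in the admin's session.
function buildDropColumnConfirmationVulnerable(columnName) {
  return 'Do you really want to execute <b>ALTER TABLE ... DROP ' + columnName +
         '</b>?';
}

// HARDENED pattern: the same message, with the untrusted identifier escaped before
// it is placed into the fragment. The fixed layout markup (<b>) stays literal; only
// the data is neutralised. Equivalent alternative: build the message as text and
// assign it via textContent instead of an HTML sink.
function buildDropColumnConfirmationHardened(columnName) {
  return 'Do you really want to execute <b>ALTER TABLE ... DROP ' +
         escapeHtml(columnName) + '</b>?';
}

// Simple check a reviewer can apply to a rendered fragment: does the untrusted
// value survive as a tag start anywhere in the output?
function leaksMarkup(fragment, untrusted) {
  const idx = fragment.indexOf(untrusted);
  return idx !== -1 && untrusted.includes('<');
}
```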