CVE-2014-9219 – Mandriva Linux Security Advisory 2014-243

https://notcve.org/view.php?id=CVE-2014-9219

08 Dec 2014 — Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter. Vulnerabilidad de XSS en la caracteristica de redirección en url.php en phpMyAdmin 4.2.x anterior a 4.2.13.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro url. Multiple vulnerabilities has been discovered and corrected in libraries/common.inc.php in p... • http://www.mandriva.com/security/advisories?name=MDVSA-2014:243 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •