phpMyAdmin 3.3.1 - 4.1.6 XSS
Low Nessus Network Monitor Plugin ID 8151
SynopsisThe remote web server contains a PHP application that is affected by a cross-site scripting vulnerability.
DescriptionVersions of phpMyAdmin 3.3.1 through 4.1.6 (inclusive) are affected by a cross-site scripting vulnerability, due to insufficient user input sanitation of filenames within the 'import.php' script.
SolutionEither upgrade to phpMyAdmin 4.1.7 or later, or apply the patches from the referenced link.