Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information.
Exploitability
AV:NAC:MAu:SImpact
C:NI:PA:N3.5/AV:N/AC:M/Au:S/C:N/I:P/A:N