Red Hat Bugzilla – Bug 989663
CVE-2013-5001 phpMyAdmin: XSS when transforming text to link (PMASA-2013-13)
Last modified: 2016-03-04 07:45:05 EST
A cross-site scripting (XSS) flaw was found in the way phpMyAdmin, a tool written in PHP intended to handle the administration of MySQL over the World Wide Web, used to sanitize object name when the TextLinkTransformationPlugin was used to create a link to an object when displaying contents of a table.
This issue did not affect the latest version of the phpMyAdmin package, as shipped with Fedora 18, 19, Fedora EPEL-6, and Fedora EPEL-5.
The CVE identifier of CVE-2013-5001 has been assigned to this issue: