Phpmyadmin · Phpmyadmin · CVE-2011-4782
**Name of the Vulnerable Software and Affected Versions**
phpMyAdmin versions 3.4.x through 3.4.8
**Description**
A cross-site scripting (XSS) issue exists in the setup interface, allowing remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the `host` parameter in the libraries/config/ConfigFile.class.php file.
**Recommendations**
For phpMyAdmin versions 3.4.x through 3.4.8, update to version 3.4.9 or later to resolve the issue.