CVE-2019-1000004

Name of the Vulnerable Software and Affected Versions: JspMyAdmin2 versions 1.0.6 and earlier

Description: The issue concerns a Cross Site Scripting (XSS) vulnerability in the sidebar and table data. This vulnerability occurs because database fields are not properly sanitized, allowing code injection. The attack is exploitable if the payload is stored in the database and the victim views the affected database value.

Recommendations: For JspMyAdmin2 versions 1.0.6 and earlier, as a temporary workaround, consider restricting access to the vulnerable sidebar and table data until a patch is available. Avoid displaying unsanitized database values to users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.