phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26934
Reference (s):
- FEDORA:FEDORA-2020-43d8624421
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHST4E5IJG7IKZTTW3R6MEZPVHJZ472K/
- FEDORA:FEDORA-2020-4e78c86902
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNLGHVDNAEZEGRTUESSSQFM7MZTHIDQ5/
- FEDORA:FEDORA-2020-eadda524a8