CVE-2020-22278

Improper Neutralization of Escape, Meta, or Control Sequences in packagist/phpmyadmin/phpmyadmin

Identifier

CVE-2020-22278

Package Slug

packagist/phpmyadmin/phpmyadmin

Vulnerability

Improper Neutralization of Escape, Meta, or Control Sequences

Description

phpMyAdmin may allow CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents".

Affected Versions

All versions up to 5.0.2

Solution

Upgrade to version 5.0.3 or above.

Last Modified

2020-11-16

source