CVE-2020-22278
Improper Neutralization of Escape, Meta, or Control Sequences in packagist/phpmyadmin/phpmyadmin
Identifiers
CVE-2020-22278
Package Slug
packagist/phpmyadmin/phpmyadmin
Vulnerability
Improper Neutralization of Escape, Meta, or Control Sequences
Description
phpMyAdmin may allow CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents".
Affected Versions
All versions up to 5.0.2
Solution
Upgrade to version 5.0.3 or above.
Last Modified
2020-11-16
| source |