CVE-2020-22278
packagist/phpmyadmin/phpmyadmin
Improper Neutralization of Escape, Meta, or Control Sequences
phpMyAdmin may allow CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents".
All versions up to 5.0.2
Upgrade to version 5.0.3 or above.
2020-11-16
source |