CVE-2019-19617: Improper Neutralization of Escape, Meta, or Control Sequences

December 6, 2019 (updated December 23, 2019)

phpMyAdmin does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.

References

nvd.nist.gov/vuln/detail/CVE-2019-19617
www.phpmyadmin.net/news/2019/11/22/phpmyadmin-492-released/

Detect and mitigate CVE-2019-19617 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →