CVE-2020-22278: Improper Neutralization of Escape, Meta, or Control Sequences
(updated )
phpMyAdmin may allow CSV injection via Export Section. NOTE: the vendor disputes this because “the CSV file is accurately generated based on the database contents”.
References
Code Behaviors & Features
Detect and mitigate CVE-2020-22278 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →