MGASA-2023-0049

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0049.html

Import Source

https://advisories.mageia.org/MGASA-2023-0049.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2023-0049

Published

2023-02-14T22:43:23Z

Modified

2026-04-16T04:22:41.656097Z

Summary

Updated phpmyadmin packages fix security vulnerability

Details

Security fix for an XSS vulnerability in the drag-and-drop upload functionality (PMASA-2023-01)

Additional bugfixes including - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick issue #17519 Fix Export pages not working in certain conditions issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page issue #17248 Support the UUID data type for MariaDB >= 10.7 issue #16042 Fixes malformed downloads when using gzip compression type and FireFox browser Add spellcheck="false" to all password fields and some text fields to avoid spell-jacking data leaks Fixes for JavaScript errors when using Designer Fixes for PHP 8.2 compatibility

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / phpmyadmin

Package

Name: phpmyadmin
Purl: pkg:rpm/mageia/phpmyadmin?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.2.1-1.mga8

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2023-0049.json"