Advisories » MGASA-2018-0156

Updated phpmyadmin package fixes a security vulnerability

Publication date: 03 Mar 2018
Modification date: 03 Mar 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7260

Description

Updated phpmyadmin package fixes security vulnerability:

A self-cross site scripting (XSS) vulnerability has been reported relating to
the central columns feature (CVE-2018-7260).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22640
• https://www.phpmyadmin.net/security/PMASA-2018-1/
• https://www.phpmyadmin.net/files/4.7.8/
• https://www.phpmyadmin.net/news/2018/2/20/security-fix-phpmyadmin-478-released/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7260

SRPMS

6/core

• phpmyadmin-4.7.8-1.mga6