Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1879 to the following vulnerability: Name: CVE-2014-1879 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1879 Assigned: 20140207 Reference: http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php Reference: https://github.com/phpmyadmin/phpmyadmin/commit/968d5d5f486820bfa30af046f063b9f23304e14a Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
Created phpMyAdmin tracking bugs for this issue: Affects: fedora-all [bug 1067714] Affects: epel-6 [bug 1067715]
Created phpMyAdmin3 tracking bugs for this issue: Affects: epel-5 [bug 1067716]
phpMyAdmin-4.2.6-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.6-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.0.10.1-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin4-4.0.10.3-2.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.