Multiple XSS vlunerabilities were reported [1] in phpMyAdmin: - With a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page. - With a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages. - With a crafted value for font size it is possible to trigger an XSS attack in the home page. [1]: http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
Created phpMyAdmin tracking bugs for this issue: Affects: fedora-all [bug 1166621] Affects: epel-6 [bug 1166623] Affects: epel-7 [bug 1166624]
Created phpMyAdmin4 tracking bugs for this issue: Affects: epel-5 [bug 1166622]
phpMyAdmin-4.0.10.6-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.12-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.12-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.12-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin4-4.0.10.6-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-4.2.12-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.