In phpMyAdmin prior (phpMyAdmin 4.9.x releases prior to 4.9.5 and the 5.0.x releases prior to 5.0.2) SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results. The attacker must be able to insert crafted data into certain database tables, which when retrieved can trigger the XSS attack.
Created phpMyAdmin tracking bugs for this issue:
Affects: epel-all [bug 1816132]
Affects: fedora-all [bug 1816133]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.