phpMyAdmin through 5.0.2 allows CSV injection via Export Section. Reference: https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22278.pdf
Created phpMyAdmin tracking bugs for this issue: Affects: fedora-all [bug 1895101]
Upstream said: invalid https://github.com/phpmyadmin/phpmyadmin/issues/16101