http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=bd3735ba584e7a49aee78813845245354b061f61 http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
Already updated on all branches: - https://admin.fedoraproject.org/updates/FEDORA-2011-17369/phpMyAdmin-3.4.9-1.fc16 - https://admin.fedoraproject.org/updates/FEDORA-2011-17370/phpMyAdmin-3.4.9-1.fc15 - https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5331/phpMyAdmin-3.4.9-1.el6 - https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-5332/phpMyAdmin3-3.4.9-1.el5
phpMyAdmin-3.4.9-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-3.4.9-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.