A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim. Upstream advisory: https://www.phpmyadmin.net/security/PMASA-2019-4/
Created phpMyAdmin tracking bugs for this issue: Affects: epel-all [bug 1717408] Affects: fedora-all [bug 1717406]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.