Bug 27909

Summary: ** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Export Section.
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED INVALID QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://nvd.nist.gov/vuln/detail/CVE-2020-22278
Whiteboard:
Source RPM: phpmyadmin-4.9.7-1.mga7.src CVE: CVE-2020-22278
Status comment:

Description Zombie Ryushu 2020-12-23 08:55:37 CET 
** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents."
Zombie Ryushu 2020-12-23 08:56:10 CET

CVE: (none) => CVE-2020-22278

Comment 1 David Walser 2020-12-23 17:53:35 CET 
Disputed, i.e. INVALID.

Resolution: (none) => INVALID
Status: NEW => RESOLVED