18 Sep
2019
18 Sep
'19
12:55 p.m.
It “seems" it would be an easy fix. According to the original poster it says he alerted the development team. I searched the archive and maybe he private messaged a couple developers? https://www.cvedetails.com/cve/CVE-2019-12922/ <https://www.cvedetails.com/cve/CVE-2019-12922/> https://seclists.org/fulldisclosure/2019/Sep/23 <https://seclists.org/fulldisclosure/2019/Sep/23> The bug would have very low probability of exploit. You would have to be logged into an existing phpmyadmin session and simultaneously trick the user to click on a link while in the setup stage. Thought I would post here that the bug is publicly posted. Thanks, Todd P.S. Enjoy phpmyadmin. Been using it off and on over a decade.