VDB

GCVE-110-MAGEIA-2023-49

GCVE-110-MAGEIA-2023-49
Advisory Published
Vulnetix · Advisory published February 14, 2023
Security fix for an XSS vulnerability in the drag-and-drop upload functionality (PMASA-2023-01) Additional bugfixes including - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick issue #17519 Fix Export pages not working in certain conditions issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page issue #17248 Support the UUID data type for MariaDB >= 10.7 issue #16042 Fixes malformed downloads when using gzip compression type and FireFox browser Add `spellcheck="false"` to all password fields and some text fields to avoid spell-jacking data leaks Fixes for JavaScript errors when using Designer Fixes for PHP 8.2 compatibility

Affected Products

VendorProductVersionsPlatforms
Mageiaphpmyadmin0 (affected), 5.2.1-1.mga8 (unaffected), 0 (affected), 5.2.1-1.mga8 (unaffected)
Mageiaqt-fsarchiver0 (affected), 0.8.6.7-1.1.mga8 (unaffected)
Mageiaccrypt0 (affected), 1.11-1.mga8 (unaffected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›