VDB
GCVE-110-MAGEIA-2023-49
GCVE-110-MAGEIA-2023-49
Advisory Published
Security fix for an XSS vulnerability in the drag-and-drop upload
functionality (PMASA-2023-01)
Additional bugfixes including -
issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick
issue #17519 Fix Export pages not working in certain conditions
issue #17121 Fix password_hash function incorrectly adding single quotes
to password before hashing
issue #17736 Add utf8mb3 as an alias of utf8 on the charset description
page
issue #17248 Support the UUID data type for MariaDB >= 10.7
issue #16042 Fixes malformed downloads when using gzip compression type
and FireFox browser
Add `spellcheck="false"` to all password fields and some text fields to
avoid spell-jacking data leaks
Fixes for JavaScript errors when using Designer
Fixes for PHP 8.2 compatibility
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | phpmyadmin | 0 (affected), 5.2.1-1.mga8 (unaffected), 0 (affected), 5.2.1-1.mga8 (unaffected) | — |
| Mageia | qt-fsarchiver | 0 (affected), 0.8.6.7-1.1.mga8 (unaffected) | — |
| Mageia | ccrypt | 0 (affected), 1.11-1.mga8 (unaffected) | — |
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.