PT-2023-36335 · Unknown · Phpmyadmin

Published 2023-02-14 · Updated 2023-02-14

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

phpMyAdmin (affected versions not specified)

Description

The issue concerns a security fix for an XSS vulnerability in the drag-and-drop upload functionality. Additional bugfixes include resolving errors when configuring 2FA without XMLWriter or Imagick, fixing export pages not working in certain conditions, and correcting the password hash function incorrectly adding single quotes to passwords before hashing. Other fixes involve adding utf8mb3 as an alias of utf8 on the charset description page, supporting the UUID data type for MariaDB >= 10.7, and fixing malformed downloads when using the gzip compression type with the Firefox browser. To prevent spell-jacking data leaks, spellcheck="false" has been added to all password fields and some text fields. Fixes for JavaScript errors when using Designer and for PHP 8.2 compatibility have also been implemented.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

MGASA-2023-0049

Affected Products

Phpmyadmin