phpmyadmin: a CSRF in the setup page allows deletion of server (CVE-2019-12922)
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
References:
- https://seclists.org/fulldisclosure/2019/Sep/23
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12922
Affected branches:
-
master -
3.10-stable