CRLF Injection Vulnerability in phpMyAdmin by phpMyAdmin Team
CVE-2020-11441
6.1MEDIUM
What is CVE-2020-11441?
A CRLF injection vulnerability exists in phpMyAdmin 5.0.2, allowing malicious users to manipulate input fields in the login form. This can lead to unintended reflection of CRLF sequences on the error page, potentially enabling attackers to craft misleading responses. The vendor acknowledges the issue but has indicated that specific exploitable conditions are not evident. Proper validation and sanitization of user input are essential to mitigate this type of vulnerability.