Summary: phpMyAdmin has released version 5.2.2 to address two cross-site scripting (XSS) vulnerabilities that could allow attackers to inject malicious scripts. The update also resolves a potential vulnerability related to the glibc/iconv library, although phpMyAdmin clarified that it is not vulnerable by default. Users are urged to upgrade to the latest version to ensure their systems are secure.
Threat Actor: Unknown
Victim: phpMyAdmin Users
Key points:
- Two XSS vulnerabilities were identified: one in the “Check tables” feature (CVE-2025-24530) and one in the “Insert” feature (CVE-2025-24529).
- phpMyAdmin 5.2.2 includes patches to mitigate these vulnerabilities.
- Users are advised to upgrade to the latest version or apply provided patches if immediate upgrading is not possible.
Source: https://securityonline.info/phpmyadmin-patches-xss-vulnerabilities-in-latest-release/