From upstream announcement:
Security fix: phpMyAdmin 4.7.8 is released
Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes.
The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya https://www.linkedin.com/in/mayur-udiniya-09247b129/ for finding and responsibly disclosing this flaw.
We recommend all users upgrade to resolve this security problem.
A complete list of new features and bugs that have been fixed is available in the ChangeLog file or changelog.php included with this release.
Notable changes since 4.7.7:
Additionally, there have been continuous improvements to many of the translations. If you don't see your language or find a problem, you can contribute too; see https://www.phpmyadmin.net/translate/ for details.
sudo dnf upgrade --advisory=FEDORA-2018-147d33439c
|submitted||a year ago|
|in testing||a year ago|
|in stable||a year ago|
|modified||a year ago|
|0||0||#1547748 CVE-2018-7260 phpMyAdmin: XSS in db_central_columns.php|
|0||0||#1547750 CVE-2018-7260 phpMyAdmin: XSS in db_central_columns.php [fedora-all]|