phpMyAdmin 4.9.11 and 5.2.1 are released


The phpMyAdmin team is pleased to announce the release of phpMyAdmin version 5.2.1. This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop upload functionality (PMASA-2023-01). We are also releasing version 4.9.11 which exclusively fixes the XSS vulnerability.

This release of 5.2.1 contains many bug fixes.

Some highlights include: - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick - issue #17519 Fix Export pages not working in certain conditions - issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing - issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page - issue #17248 Support the UUID data type for MariaDB >= 10.7 - issue #16042 Fixes malformed downloads when using gzip compression type and FireFox browser - Add spellcheck="false" to all password fields and some text fields to avoid spell-jacking data leaks - Fixes for JavaScript errors when using Designer - Fixes for PHP 8.2 compatibility

There are, of course, many more fixes and new features that you can see in the ChangeLog file included with this release or online at

Downloads are available now at

For the phpMyAdmin team, Isaac