Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix XSS on server privileges
Signed-off-by: Michal Čihař <michal@cihar.com>
  • Loading branch information
nijel committed Jun 15, 2016
1 parent 7221357 commit 03f73d4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions libraries/server_privileges.lib.php
Expand Up @@ -806,7 +806,7 @@ function PMA_getHtmlForRequires($row)
. 'REQUIRE CIPHER'
. '</dfn></code></label>';
$html_output .= '<input type="text" name="ssl_cipher" id="text_ssl_cipher" '
. 'value="' . (isset($row['ssl_cipher']) ? $row['ssl_cipher'] : '') . '" '
. 'value="' . (isset($row['ssl_cipher']) ? htmlspecialchars($row['ssl_cipher']) : '') . '" '
. 'size=80" title="'
. __(
'Requires that a specific cipher method be used for a connection.'
Expand All @@ -826,7 +826,7 @@ function PMA_getHtmlForRequires($row)
. 'REQUIRE ISSUER'
. '</dfn></code></label>';
$html_output .= '<input type="text" name="x509_issuer" id="text_x509_issuer" '
. 'value="' . (isset($row['x509_issuer']) ? $row['x509_issuer'] : '') . '" '
. 'value="' . (isset($row['x509_issuer']) ? htmlspecialchars($row['x509_issuer']) : '') . '" '
. 'size=80" title="'
. __(
'Requires that a valid X509 certificate issued by this CA be presented.'
Expand All @@ -846,7 +846,7 @@ function PMA_getHtmlForRequires($row)
. 'REQUIRE SUBJECT'
. '</dfn></code></label>';
$html_output .= '<input type="text" name="x509_subject" id="text_x509_subject" '
. 'value="' . (isset($row['x509_subject']) ? $row['x509_subject'] : '')
. 'value="' . (isset($row['x509_subject']) ? htmlspecialchars($row['x509_subject']) : '')
. '" size=80" title="'
. __(
'Requires that a valid X509 certificate with this subject be presented.'
Expand Down

0 comments on commit 03f73d4

Please sign in to comment.