Skip to content

Commit 2c45d7c

Browse files
madhuracjMarc Delisle
authored and
Marc Delisle
committed
bug #4502 [security] Self-XSS in enum value editor
Signed-off-by: Marc Delisle <marc@infomarc.info>
1 parent 647c9d1 commit 2c45d7c

File tree

2 files changed

+2
-1
lines changed

2 files changed

+2
-1
lines changed

Diff for: ChangeLog

+1
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ phpMyAdmin - ChangeLog
33

44
4.2.7.1 (2014-08-17)
55
- bug #4501 [security] XSS in table browse page
6+
- bug #4502 [security] Self-XSS in enum value editor
67
- bug #4505 [security] XSS in view operations page
78

89
4.2.7.0 (2014-07-31)

Diff for: js/functions.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -2692,7 +2692,7 @@ AJAX.registerOnload('functions.js', function () {
26922692
} else {
26932693
title = PMA_messages.enum_columnVals.replace(
26942694
/%s/,
2695-
'"' + decodeURIComponent(colname) + '"'
2695+
'"' + escapeHtml(decodeURIComponent(colname)) + '"'
26962696
);
26972697
}
26982698
// Get the values as a string

0 commit comments

Comments
 (0)