Skip to content

Commit 41c4e02

Browse files
committed
Fix XSS in zoom search
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
1 parent cc55f44 commit 41c4e02

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

Diff for: libraries/controllers/TableSearchController.class.php

+5-1
Original file line numberDiff line numberDiff line change
@@ -471,7 +471,11 @@ public function changeTableInfoAction()
471471
return;
472472
}
473473
$key = array_search($field, $this->_columnNames);
474-
$properties = $this->getColumnProperties($_REQUEST['it'], $key);
474+
$search_index = 0;
475+
if (PMA_isValid($_REQUEST['it'], 'integer')) {
476+
$search_index = $_REQUEST['it'];
477+
}
478+
$properties = $this->getColumnProperties($search_index, $key);
475479
$this->response->addJSON(
476480
'field_type', htmlspecialchars($properties['type'])
477481
);

0 commit comments

Comments
 (0)