Fix XSS in normalization

Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
phpmyadmin · Feb 25, 2016 · 746240b · 746240b
1 parent 38fa119
commit 746240b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/normalization.php b/normalization.php
@@ -72,7 +72,7 @@
 $scripts->addFile('normalization.js');
 $scripts->addFile('jquery/jquery.uitablefilter.js');
 $normalForm = '1nf';
-if (isset($_REQUEST['normalizeTo'])) {
+if (PMA_isValid($_REQUEST['normalizeTo'], array('1nf', '2nf', '3nf'))) {
     $normalForm = $_REQUEST['normalizeTo'];
 }
 if (isset($_REQUEST['createNewTables2NF'])) {