Skip to content

Commit 90ddeec

Browse files
madhuracjMarc Delisle
authored and
Marc Delisle
committed
bug #4504 [security] Self-XSS in query charts
Signed-off-by: Marc Delisle <marc@infomarc.info>
1 parent cd9f302 commit 90ddeec

File tree

2 files changed

+2
-1
lines changed

2 files changed

+2
-1
lines changed

Diff for: ChangeLog

+1
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ phpMyAdmin - ChangeLog
55
- bug #4501 [security] XSS in table browse page
66
- bug #4502 [security] Self-XSS in enum value editor
77
- bug #4503 [security] Self-XSSes in monitor
8+
- bug #4504 [security] Self-XSS in query charts
89
- bug #4505 [security] XSS in view operations page
910

1011
4.2.7.0 (2014-07-31)

Diff for: js/tbl_chart.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ function PMA_queryChart(data, columnNames, settings) {
4747
},
4848
axes : {
4949
xaxis : {
50-
label : settings.xaxisLabel
50+
label : escapeHtml(settings.xaxisLabel)
5151
},
5252
yaxis : {
5353
label : settings.yaxisLabel

0 commit comments

Comments
 (0)