Commit cd9f302

madhuracj authored and Marc Delisle committed
bug #4503 [security] Self-XSSes in monitor
Signed-off-by: Marc Delisle <marc@infomarc.info>
1 parent 2c45d7c commit cd9f302

2 files changed (+2 -1 lines changed)

Diff for: ChangeLog

+1
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ phpMyAdmin - ChangeLog
44
4.2.7.1 (2014-08-17)
55
- bug #4501 [security] XSS in table browse page
66
- bug #4502 [security] Self-XSS in enum value editor
7+
- bug #4503 [security] Self-XSSes in monitor
78
- bug #4505 [security] XSS in view operations page
89

910
4.2.7.0 (2014-07-31)
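
Review bot: the added entry on line 7 says "Self-XSSes" in the plural, while the only code change in this commit is the single `$('#seriesPreview').append(...)` line in js/server_status_monitor.js. If the plural refers to the two values concatenated there (`newSeries.label` and `str`), that is fine; otherwise either reword the entry or make sure any remaining monitor sinks are fixed under the same bug number before the release notes go out.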

Diff for: js/server_status_monitor.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -908,7 +908,7 @@ AJAX.registerOnload('server_status_monitor.js', function () {
908908
label: $('#variableInput').val().replace(/_/g, " ")
909909
};
910910
newChart.series.push(newSeries);
911-
$('#seriesPreview').append('- ' + newSeries.label + str + '<br/>');
911+
$('#seriesPreview').append('- ' + escapeHtml(newSeries.label + str) + '<br/>');
912912
newChart.nodes.push(serie);
913913
$('#variableInput').val('');
914914
$('input[name="differentialValue"]').prop('checked', true);
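
Review bot: on the changed line 911 only the preview sink is escaped, while `newSeries.label`, taken from `$('#variableInput').val()` on line 908, is still pushed unescaped into `newChart.series` on line 910, so any other code that renders a series label as HTML needs the same escaping. Escaping at the sink is the right place, but it has to happen at every sink; consider building the preview row from a text node (or `.text()`) instead of concatenating into markup, which removes the dependency on remembering `escapeHtml` each time. Also note that `str` is defined outside this hunk: it is now escaped together with the label, which is safe only if `str` is meant to be plain text, so please confirm it never carries intended markup.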
