File tree 2 files changed +2
-1
lines changed
2 files changed +2
-1
lines changed Original file line number Diff line number Diff line change @@ -15,6 +15,7 @@ phpMyAdmin - ChangeLog
1515- bug #4444 No insert statement produced in SQL export for queries with alias
1616- bug #4596 [security] XSS through exception stack
1717- bug #4595 [security] Path traversal can lead to leakage of line count
18+ - bug #4578 [security] XSS vulnerability in table print view
1819
19204.2.11.0 (2014-10-31)
2021- bug ReferenceError: Table_onover is not defined
Original file line number Diff line number Diff line change @@ -107,7 +107,7 @@ function PMA_getHtmlForPrintViewColumns(
107107 $ html .= ' ' . $ field_name . "\n" ;
108108 }
109109 $ html .= '</td> ' ;
110- $ html .= '<td> ' . $ type . '<bdo dir="ltr"></bdo></td> ' ;
110+ $ html .= '<td> ' . htmlspecialchars ( $ type) . '<bdo dir="ltr"></bdo></td> ' ;
111111 $ html .= '<td> ' ;
112112 $ html .= (($ row ['Null ' ] == '' || $ row ['Null ' ] == 'NO ' )
113113 ? __ ('No ' )
You can’t perform that action at this time.
0 commit comments