Skip to content

Commit d32da34

Browse files
committed
bug #4578 [security] XSS vulnerability in table print view
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
1 parent b99b6b6 commit d32da34

File tree

2 files changed

+2
-1
lines changed

2 files changed

+2
-1
lines changed

Diff for: ChangeLog

+1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ phpMyAdmin - ChangeLog
1515
- bug #4444 No insert statement produced in SQL export for queries with alias
1616
- bug #4596 [security] XSS through exception stack
1717
- bug #4595 [security] Path traversal can lead to leakage of line count
18+
- bug #4578 [security] XSS vulnerability in table print view
1819

1920
4.2.11.0 (2014-10-31)
2021
- bug ReferenceError: Table_onover is not defined

Diff for: libraries/tbl_printview.lib.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ function PMA_getHtmlForPrintViewColumns(
107107
$html .= ' ' . $field_name . "\n";
108108
}
109109
$html .= '</td>';
110-
$html .= '<td>' . $type . '<bdo dir="ltr"></bdo></td>';
110+
$html .= '<td>' . htmlspecialchars($type) . '<bdo dir="ltr"></bdo></td>';
111111
$html .= '<td>';
112112
$html .= (($row['Null'] == '' || $row['Null'] == 'NO')
113113
? __('No')

0 commit comments

Comments
 (0)