Commit daa98d0

ZweiSteinSoft authored and Marc Delisle committed
Fix XSS in Hide navigation items feature
Signed-off-by: Ann + J.M <phpMyAdmin@ZweiSteinSoft.de>
1 parent 4bb85f5 commit daa98d0

2 files changed

+6
-6
lines changed

Diff for: libraries/navigation/Navigation.class.php

+3-3
@@ -189,9 +189,9 @@ public function getItemUnhideDialog($dbName, $itemType = null, $tableName = null
189189
$html .= '<td style="width:80px"><a href="navigation.php?'
190190
. PMA_URL_getCommon()
191191
. '&unhideNavItem=true'
192-
. '&itemType=' . $t
193-
. '&itemName=' . urldecode($hiddenItem)
194-
. '&dbName=' . urldecode($dbName) . '"'
192+
. '&itemType=' . urlencode($t)
193+
. '&itemName=' . urlencode($hiddenItem)
194+
. '&dbName=' . urlencode($dbName) . '"'
195195
. ' class="unhideNavItem ajax">'
196196
. PMA_Util::getIcon('lightbulb.png', __('Show'))
197197
. '</a></td>';
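
Review bot: the href at lines 189-197 is still assembled by hand with a literal `&` before each parameter, so the next parameter added to this link can repeat the mistake that lines 192-194 correct (urldecode() on $hiddenItem and $dbName turned an encoded %22 back into a quote inside the double-quoted attribute). Consider building the three parameters as an array and encoding them in one place, for example with http_build_query(), then escaping the finished URL once for the attribute. $t was previously concatenated with no encoding at all, so it is worth stating in the commit message whether it can ever hold anything other than a fixed type name.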

Diff for: libraries/navigation/Nodes/Node_DatabaseChild.class.php

+3-3
@@ -32,9 +32,9 @@ public function getHtmlForControlButtons()
3232
. '<a href="navigation.php?'
3333
. PMA_URL_getCommon()
3434
. '&hideNavItem=true'
35-
. '&itemType=' . urldecode($this->getItemType())
36-
. '&itemName=' . urldecode($item)
37-
. '&dbName=' . urldecode($db) . '"'
35+
. '&itemType=' . urlencode($this->getItemType())
36+
. '&itemName=' . urlencode($item)
37+
. '&dbName=' . urlencode($db) . '"'
3838
. ' class="hideNavItem ajax">'
3939
. PMA_Util::getImage('lightbulb_off', __('Hide'))
4040
. '</a></span>';
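
Review bot: lines 35-37 repeat the same itemType/itemName/dbName concatenation that Navigation.class.php uses for the unhide link, so the query is built twice and had to be fixed twice; a shared helper that takes the three values and returns the encoded query string would keep the hide and unhide links in step. No test accompanies the change: a regression test that passes an item name containing `"` and `<` and asserts they appear as %22 and %3C in the generated href would guard both call sites.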
