Skip to content

Commit

Permalink
bug #4502 [security] Self-XSS in enum value editor
Browse files Browse the repository at this point in the history 
Signed-off-by: Marc Delisle <marc@infomarc.info>
  • Loading branch information
@madhuracj @lem9
madhuracj authored and lem9 committed Aug 17, 2014
1 parent 647c9d1 commit 2c45d7c
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions ChangeLog
View file
Expand Up @@ -3,6 +3,7 @@ phpMyAdmin - ChangeLog

4.2.7.1 (2014-08-17)
- bug #4501 [security] XSS in table browse page
- bug #4502 [security] Self-XSS in enum value editor
- bug #4505 [security] XSS in view operations page

4.2.7.0 (2014-07-31)
Expand Down
2 changes: 1 addition & 1 deletion js/functions.js
View file
Expand Up @@ -2692,7 +2692,7 @@ AJAX.registerOnload('functions.js', function () {
} else {
title = PMA_messages.enum_columnVals.replace(
/%s/,
'"' + decodeURIComponent(colname) + '"'
'"' + escapeHtml(decodeURIComponent(colname)) + '"'
);
}
// Get the values as a string
Expand Down

0 comments on commit 2c45d7c

Please sign in to comment.