Skip to content

Commit

Permalink
bug #4501 [security] XSS in table browse page
Browse files Browse the repository at this point in the history 
Signed-off-by: Marc Delisle <marc@infomarc.info>
  • Loading branch information
@madhuracj @lem9
madhuracj authored and lem9 committed Aug 17, 2014
1 parent 0cd293f commit 647c9d1
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions ChangeLog
View file
Expand Up @@ -2,6 +2,7 @@ phpMyAdmin - ChangeLog
======================

4.2.7.1 (2014-08-17)
- bug #4501 [security] XSS in table browse page
- bug #4505 [security] XSS in view operations page

4.2.7.0 (2014-07-31)
Expand Down
2 changes: 1 addition & 1 deletion js/sql.js
View file
Expand Up @@ -119,7 +119,7 @@ AJAX.registerOnload('sql.js', function () {
// Delete row from SQL results
$('a.delete_row.ajax').live('click', function (e) {
e.preventDefault();
var question = $.sprintf(PMA_messages.strDoYouReally, $(this).closest('td').find('div').text());
var question = $.sprintf(PMA_messages.strDoYouReally, escapeHtml($(this).closest('td').find('div').text()));
var $link = $(this);
$link.PMA_confirm(question, $link.attr('href'), function (url) {
$msgbox = PMA_ajaxShowMessage();
Expand Down

0 comments on commit 647c9d1

Please sign in to comment.