diff --git a/ChangeLog b/ChangeLog
index 655e70af9..66fa1c6a1 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,10 @@ phpMyAdmin - Changelog
 $Id$
 $Source$
 
+2005-07-21 Marc Delisle
+ * libraries/auth/cookie.auth.lib.php: bug #1240880, XSS on the
+ cookie-based login panel
+
 2005-07-20 Marc Delisle
 * ChangeLog: automatic utf-8 encoding modeline, thanks to Michal
 
diff --git a/libraries/auth/cookie.auth.lib.php b/libraries/auth/cookie.auth.lib.php
index 9e81da0e9..7de67f813 100644
--- a/libraries/auth/cookie.auth.lib.php
+++ b/libraries/auth/cookie.auth.lib.php
@@ -618,7 +618,7 @@ global $conn_error, $server;
 } else if (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) {
 $conn_error = sprintf($GLOBALS['strNoActivity'],$GLOBALS['cfg']['LoginCookieValidity']);
 } else if (PMA_DBI_getError()) {
- $conn_error = PMA_DBI_getError();
+ $conn_error = PMA_sanitize(PMA_DBI_getError());
 } else if (isset($php_errormsg)) {
 $conn_error = $php_errormsg;
 } else {
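Review bot: The `isset($php_errormsg)` branch two lines below the fix still assigns `$conn_error = $php_errormsg;` unescaped, so the login-panel output path this commit closes for PMA_DBI_getError() stays open whenever the failure text comes from PHP instead. PHP's last-error text can repeat values taken from the request (presumably the submitted user name or host on a failed connect), so it deserves the same treatment: `$conn_error = PMA_sanitize($php_errormsg);`. The place where `$conn_error` is printed is outside this hunk; if it is emitted as HTML there, escaping once at that output point would cover every branch of this chain, including ones added later. The enclosing function begins and ends outside the hunk.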