diff --git a/ChangeLog b/ChangeLog
index b8f159afe..c9445154f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,6 +23,7 @@ phpMyAdmin - ChangeLog
 - [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
 - [security] Self-XSS on column type (Create index), see PMASA-2011-18
 - [security] Self-XSS on column type (table Search), see PMASA-2011-18
+- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
 
 3.4.7.1 (2011-11-10)
 - [security] Fixed possible local file inclusion in XML import
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index ad382663a..caeeee200 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1059,13 +1059,10 @@ function PMA_showMessage($message, $sql_query = null, $type = 'notice', $is_view
 } else {
 // Parse SQL if needed
 $parsed_sql = PMA_SQP_parse($query_base);
- if (PMA_SQP_isError()) {
- unset($parsed_sql);
- }
 }
 
 // Analyze it
- if (isset($parsed_sql)) {
+ if (isset($parsed_sql) && ! PMA_SQP_isError()) {
 $analyzed_display_query = PMA_SQP_analyze($parsed_sql);
 // Here we append the LIMIT added for navigation, to
 // enable its display. Adding it higher in the code
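Review bot: In the libraries/common.lib.php hunk, `$parsed_sql` now stays set after a failed parse, because the `unset($parsed_sql)` in the else branch is removed and only the `// Analyze it` condition consults `PMA_SQP_isError()`. PMA_showMessage() starts and continues outside the hunk, so it is not visible whether later code tests `isset($parsed_sql)` again; if it does, it would work on the result of a failed parse, the state this PMASA-2011-18 fix keeps out of the analyze step. Placing the check once after the if/else would keep the old invariant for both branches: `if (PMA_SQP_isError()) { unset($parsed_sql); }`. `PMA_SQP_isError()` takes no argument and so presumably reports the most recent parse; a short comment should say that the branch before `} else {` (not shown here) relies on no other parse having run since its `$parsed_sql` was produced.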