nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Self-XSS in setup (host parameter), see PMASA-2011-19

Browse Source
This commit is contained in:
Michal Čihař
2011-12-13 12:42:39 -05:00
committed by Marc Delisle
parent bd3735ba58
commit 0e707906e6
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libraries/config/ConfigFile.class.php
View File

@@ -425,7 +425,7 @@ class ConfigFile
return htmlspecialchars($verbose);
}
$host = $this->get("Servers/$id/host");
return empty($host) ? 'localhost' : $host;
return empty($host) ? 'localhost' : htmlspecialchars($host);
}
/**