From 110c44a7a3117b94b065742606cc6f7bc05f8cd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= Date: Tue, 17 Aug 2010 16:23:09 +0200 Subject: [PATCH] Fix XSS on delimiter in tbl_sql.php. --- tbl_sql.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tbl_sql.php b/tbl_sql.php index f27a3b9aa..f9c71d809 100644 --- a/tbl_sql.php +++ b/tbl_sql.php @@ -37,7 +37,7 @@ require_once './libraries/tbl_links.inc.php'; /** * Query box, bookmark, insert data from textfile */ -PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? $_REQUEST['delimiter'] : ';'); +PMA_sqlQueryForm(true, false, isset($_REQUEST['delimiter']) ? htmlspecialchars($_REQUEST['delimiter']) : ';'); /** * Displays the footer