nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Self-XSS on database names (Operations/rename), see PMASA-2011-18

Browse Source
This commit is contained in:
Marc Delisle
2011-11-21 18:08:49 -05:00
parent b289fe0824
commit 1490533d91
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
js/db_operations.js
View File

@@ -32,7 +32,7 @@ $(document).ready(function() {
var $form = $(this);
var question = 'CREATE DATABASE ' + $('#new_db_name').val() + ' / DROP DATABASE ' + window.parent.db;
var question = escapeHtml('CREATE DATABASE ' + $('#new_db_name').val() + ' / DROP DATABASE ' + window.parent.db);
PMA_prepareForAjaxRequest($form);
/**