[security] XSS: Insufficient output sanitizing in bookmarks

Marc Delisle
2009-06-30 10:48:08 +00:00
parent 15a8349164
commit 2a893aba92
3 changed files with 5 additions and 2 deletions


@@ -305,7 +305,7 @@ function PMA_formatSql($parsed_sql, $unparsed_sql = '')
// well, not quite
// first check for the SQL parser having hit an error
if (PMA_SQP_isError()) {
return $parsed_sql;
return htmlspecialchars($parsed_sql['raw']);
}
// then check for an array
if (!is_array($parsed_sql)) {
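Review bot: The escaped return in the `PMA_SQP_isError()` branch reads `$parsed_sql['raw']` before the `is_array($parsed_sql)` check that follows it, so a non-array argument would be indexed as a string instead of being returned whole. Assuming the second `return` is the new side, as the commit title suggests, guarding the access keeps the error path escaped in both cases: `return htmlspecialchars(is_array($parsed_sql) && isset($parsed_sql['raw']) ? $parsed_sql['raw'] : (string) $parsed_sql, ENT_QUOTES);`. Passing `ENT_QUOTES` matters if this string can land inside a single-quoted attribute, since the default flags on PHP versions of that era leave `'` unescaped; the output context is not visible here, so confirm it. The body of `PMA_formatSql` continues past the hunk, so its other return paths should be checked for the same escaping.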