bug #1835123 [security] fixed XSS vulnerability on login page, thanks to Tim Brown (Nth Dimension) for the advisory and to Sebastian for the fix

This commit is contained in:
Marc Delisle
2007-11-20 12:55:14 +00:00
parent f207f7bb58
commit 440d7f2095

View File

@@ -41,6 +41,11 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
- bug #1828265 [privileges] No weird characters in generated password
- bug #1759194 [import] open_basedir warning
2.11.2.2 (2007-11-20)
- bug #1835123 [security] fixed XSS vulnerability on login page,
thanks to Tim Brown (Nth Dimension) for the advisory
and to Sebastian for the fix
2.11.2.1 (2007-11-11)
- fixed possible SQL injection using database name
- fixed possible XSS in database name - thanks to Omer Singer, The DigiTrust Group