From b96715b12d81b27b9cd1f252f54dc12419f6bc9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= Date: Sat, 18 Nov 2006 19:33:20 +0000 Subject: [PATCH] =?UTF-8?q?Fix=20XSS=20on=20database=20comment,=20thanks?= =?UTF-8?q?=20to=20laurent=20gaffi=C3=A9.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ChangeLog | 2 ++ libraries/PMA_List_Database.class.php | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 55ab3c566..7f1c4660f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,8 @@ $HeadURL$ * Documentation.html, libraries/ip_allow_deny.lib.php: Define headers which to trust in configuration, thanks for help with this to Christian Schmidt, Peytz & Co. + * libraries/PMA_List_Database.class.php: Fix XSS on database comment, + thanks to laurent gaffiƩ. 2006-11-18 Marc Delisle * index.php, libraries/common.lib.php, /cleanup.lib.php: undefined index diff --git a/libraries/PMA_List_Database.class.php b/libraries/PMA_List_Database.class.php index 79fc4c3ff..648f3c9b7 100644 --- a/libraries/PMA_List_Database.class.php +++ b/libraries/PMA_List_Database.class.php @@ -424,12 +424,12 @@ require_once './libraries/PMA_List.class.php'; $cut = false; } foreach ($dbs as $db) { - $return .= '