nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13

Browse Source
This commit is contained in:
Herman van Rink
2011-08-19 11:48:57 +02:00
parent a5716cb389
commit c79375598d
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
db_datadict.php
View File

@@ -70,7 +70,7 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
echo '<div>' . "\n";
}
echo '<h2>' . $table . '</h2>' . "\n";
echo '<h2>' . htmlspecialchars($table) . '</h2>' . "\n";
/**
* Gets table informations