nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix XSS problem, regression in the 3.4 branch.

Browse Source 
Dev releases until -beta2 are vulnerable.
Thanks to Aung Khant from YGN Ethical Hacker Group (http://yehg.net/) for reporting this issue.
This commit is contained in:
Herman van Rink
2011-01-26 11:36:10 +01:00
parent acf2e0a034
commit f57daa0a59
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libraries/header.inc.php
View File

@@ -121,7 +121,7 @@ if (!$GLOBALS['is_ajax_request']) {
printf($item, printf($item,
$GLOBALS['cfg']['DefaultTabDatabase'], $GLOBALS['cfg']['DefaultTabDatabase'],
PMA_generate_common_url($GLOBALS['db']), PMA_generate_common_url($GLOBALS['db']),
$GLOBALS['db'], htmlspecialchars($GLOBALS['db']),
__('Database'), __('Database'),
's_tbl.png'); 's_tbl.png');
// if the table is being dropped, $_REQUEST['purge'] is set // if the table is being dropped, $_REQUEST['purge'] is set