The branch, MAINT_3_4_5 has been updated
       via  2f28ce9c800274190418da0945ce3647d36e1db6 (commit)
      from  4039683ab3ca63c979948e02345b6d38452f8dee (commit)


- Log -----------------------------------------------------------------
commit 2f28ce9c800274190418da0945ce3647d36e1db6
Author: Herman van Rink <[email protected]>
Date:   Fri Aug 19 13:12:04 2011 +0200

    [security] Fixed XSS in Inline Edit on save action

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog |    1 +
 js/sql.js |    2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 20e1751..1376169 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,7 @@ phpMyAdmin - ChangeLog
 - bug #3374347 [display] Backquotes in normal text on import page
 - bug #3358750 [core] With Suhosin, urls are too long in edit links
 - [security] Missing sanitization on the table, column and index names leads 
to XSS vulnerabilities, see PMASA-2011-13
+- [security] Fixed XSS in Inline Edit on save action
 
 3.4.3.2 (2011-07-23)
 - [security] Fixed XSS vulnerability, see PMASA-2011-9
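Review bot: The added ChangeLog line "- [security] Fixed XSS in Inline Edit on save action" carries no advisory reference, while the security entry directly above it ends with "see PMASA-2011-13" and the 3.4.3.2 entry ends with "see PMASA-2011-9". If an advisory is issued for this fix, or an existing one already covers it, append the identifier in the same "see PMASA-..." form so that readers of the ChangeLog can tie the fix to the advisory.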
diff --git a/js/sql.js b/js/sql.js
index dbba441..842b6c6 100644
--- a/js/sql.js
+++ b/js/sql.js
@@ -1111,7 +1111,7 @@ function PMA_unInlineEditRow($del_hide, $chg_submit, 
$this_td, $input_siblings,
                     }
                 }
             }
-            $this_sibling.html(new_html);
+            $this_sibling.text(new_html);
         }
     })
 }
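Review bot: On the changed line in PMA_unInlineEditRow, $this_sibling.text(new_html) now treats the whole value as plain text, so any path above the hunk that builds new_html with intentional markup will show that markup literally in the cell after save. The assignments to new_html are outside the visible context, so confirm that each of them yields a plain value rather than an HTML fragment. Since the value is no longer inserted as HTML, renaming the variable (for example to new_value) would keep a later change from switching the call back to .html() on the assumption that the content is already safe markup.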


hooks/post-receive
-- 
phpMyAdmin

_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git
