Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/phpmyadmin/phpmyadmin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/tbl_printview.php
diff options
context:
space:
mode:
authorMadhura Jayaratne <madhura.cj@gmail.com>2014-11-04 13:35:06 +0300
committerMadhura Jayaratne <madhura.cj@gmail.com>2014-11-04 13:35:06 +0300
commit42b64e12b5f596366f94ef72365fd69a019ba820 (patch)
treeb1ee17c719556869d36a24cc2f8956be6c279821 /tbl_printview.php
parentd0f7dc79905f4795d328a018772871f9f98957fc (diff)
bug #4578 XSS vulnerability in table print view
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
Diffstat (limited to 'tbl_printview.php')
-rw-r--r--tbl_printview.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/tbl_printview.php b/tbl_printview.php
index 78bb961015..248010f8e9 100644
--- a/tbl_printview.php
+++ b/tbl_printview.php
@@ -180,7 +180,7 @@ foreach ($the_tables as $key => $table) {
echo ' ' . $field_name . "\n";
}
echo '</td>';
- echo '<td>' . $type. '<bdo dir="ltr"></bdo></td>';
+ echo '<td>' . htmlspecialchars($type) . '<bdo dir="ltr"></bdo></td>';
echo '<td>';
echo (($row['Null'] == '' || $row['Null'] == 'NO')
? __('No')
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 17:38:03 +0300