github.com/phpmyadmin/phpmyadmin.git
-rw-r--r-- ChangeLog 3
-rw-r--r-- tbl_printview.php 2
2 files changed, 4 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index a7900d358f..4cb74b03ac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
phpMyAdmin - ChangeLog
======================
+4.0.10.6 (not yet released)
+- bug #4578 [security] XSS vulnerability in table print view
+
4.0.10.5 (2014-10-21)
- bug #4562 [security] XSS in debug SQL output
- bug #4563 [security] XSS in monitor query analyzer
diff --git a/tbl_printview.php b/tbl_printview.php
index 78bb961015..248010f8e9 100644
--- a/tbl_printview.php
+++ b/tbl_printview.php
@@ -180,7 +180,7 @@ foreach ($the_tables as $key => $table) {
echo ' ' . $field_name . "\n";
}
echo '</td>';
- echo '<td>' . $type. '<bdo dir="ltr"></bdo></td>';
+ echo '<td>' . htmlspecialchars($type) . '<bdo dir="ltr"></bdo></td>';
echo '<td>';
echo (($row['Null'] == '' || $row['Null'] == 'NO')
? __('No')
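Review bot: The context line `echo ' ' . $field_name . "\n";` at the top of this hunk still writes a value into the same table row with no escaping call at the point of output, so the change to `$type` should come with a check that `$field_name` is escaped where it is assigned; if it is not, it needs htmlspecialchars() here as well. It is also worth confirming that `$type` does not reach this line already escaped or carrying intentional markup, since `htmlspecialchars($type)` would then double-encode it in the print view. A regression test that renders a column whose type string contains `<` and `"` and asserts the encoded form in the output would keep this from reappearing.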