search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: ddf9b78) | patch
Escape database name in URL
commit6943fff87324bd54c3a37a5160a5fb77498c355e
authorWilliam Desportes <williamdes@wdes.fr>
Sat, 9 Jun 2018 14:07:57 +0000 (9 16:07 +0200)
committerIsaac Bennetch <bennetch@gmail.com>
Tue, 19 Jun 2018 15:32:17 +0000 (19 11:32 -0400)
tree65c83a4e7b55ab4258cc633607e7dda8641c8634tree | snapshot (tar.gz zip)
parentddf9b786e4490ce3d35d44b908066006d22b3fa2commit | diff
Escape database name in URL

Designer > new page shows iframe when db name is: "'"><iframe onload=alert(1)>

Signed-off-by: William Desportes <williamdes@wdes.fr>
js/designer/move.js diff | blob | blame | history
phpMyAdmin