PMASA-2019-5 patch for phpMyAdmin prior to 4.9.1
From 98545d3e2ae3860e2010ff995c018ee6956d6c5d Mon Sep 17 00:00:00 2001
From: William Desportes <williamdes@wdes.fr>
Date: Mon, 28 Oct 2019 22:09:44 +0100
Subject: [PATCH] Security patch for Designer and Designer visual mode
Closes: https://github.com/phpmyadmin/phpmyadmin-security/issues/286
---
js/designer/move.js | 4 ++--
templates/database/designer/database_tables.twig | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/js/designer/move.js b/js/designer/move.js
index eb9d76bb53..e5b710e269 100644
--- a/js/designer/move.js
+++ b/js/designer/move.js
@@ -578,7 +578,7 @@ function addTableToTablesList (index, table_dom) {
' />' +
' </td>' +
' <td class="designer_Tabs"' +
- ' designer_url_table_name="' + db_encoded + '.' + table_encoded + '">' + db + '.' + table + '</td>' +
+ ' designer_url_table_name="' + db_encoded + '.' + table_encoded + '">' + $('<div/>').text(db + '.' + table).html() + '</td>' +
'</tr>');
$('#id_scroll_tab table').first().append($new_table_line);
$($new_table_line).find('.scroll_tab_struct').click(function () {
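Review bot: The escaping on the added line is an inline `$('<div/>').text(...).html()` idiom that the Click_option hunk below repeats verbatim; it should live in one named helper, `function escapeHtml (text) { return $('<div/>').text(text).html(); }`, so the intent is visible and both call sites stay consistent. Note that serialising a text node this way encodes `<`, `>` and `&` but not quotes, so the helper is only correct for element content — as used here — and must not be reused for attribute values. The adjacent `designer_url_table_name="..."` attribute still depends on `db_encoded`/`table_encoded` having been encoded elsewhere, which this hunk does not show. addTableToTablesList starts and ends outside the hunk.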
@@ -1811,7 +1811,7 @@ function Click_option (id_this, column_name, table_name) {
// var top = Glob_Y - document.getElementById(id_this).offsetHeight - 10;
document.getElementById(id_this).style.top = (screen.height / 4) + 'px';
document.getElementById(id_this).style.display = 'block';
- document.getElementById('option_col_name').innerHTML = '<strong>' + PMA_sprintf(PMA_messages.strAddOption, decodeURI(column_name)) + '</strong>';
+ document.getElementById('option_col_name').innerHTML = '<strong>' + $('<div/>').text(PMA_sprintf(PMA_messages.strAddOption, decodeURI(column_name))).html() + '</strong>';
col_name = column_name;
tab_name = table_name;
}
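Review bot: The added line still builds markup as a string and assigns it to `innerHTML`, with the escape step being the only thing standing between `column_name` and the DOM; constructing the `<strong>` element and setting `textContent` removes that dependency entirely and makes a future edit unable to drop the escape by accident. Separately, `decodeURI` throws a `URIError` on a malformed percent sequence, so an unexpected `column_name` aborts the handler after the panel has already been shown on the two preceding lines; guarding it (or decoding before touching the style) would keep the UI consistent. Click_option starts outside the hunk.
```javascript
    // … unchanged: positioning and display of id_this …
    var optionColName = document.getElementById('option_col_name');
    var strong = document.createElement('strong');
    strong.textContent = PMA_sprintf(PMA_messages.strAddOption, decodeURI(column_name));
    optionColName.innerHTML = '';
    optionColName.appendChild(strong);
    // … unchanged: col_name / tab_name assignment …
```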
diff --git a/templates/database/designer/database_tables.twig b/templates/database/designer/database_tables.twig
index e036488833..d3d5ad9c92 100644
--- a/templates/database/designer/database_tables.twig
+++ b/templates/database/designer/database_tables.twig
@@ -49,7 +49,7 @@
table_name="{{ t_n_url }}"
query_set="{{ has_query ? 1 : 0 }}">
<span class="owner">{{ designerTable.getDatabaseName() }}</span>
- {{ designerTable.getTableName()|raw }}
+ {{ designerTable.getTableName() }}
</td>
{% if has_query %}
<td class="tab_zag tab_zag_query"
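Review bot: Dropping `|raw` on the table name only helps if Twig autoescaping is enabled for this template; that is configured outside the hunk, so a one-line comment such as `{# table name is rendered through autoescape on purpose — do not add |raw #}` next to the changed line would stop the filter from being reintroduced. The `table_name="{{ t_n_url }}"` attribute two lines above is rendered in an attribute context from a variable whose construction is not visible here; if it is not already URL- or attribute-encoded where it is built, it is the same class of issue as the one this hunk fixes and is worth confirming. The enclosing `<td>` and its `{% if %}` block continue outside the hunk.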