[Phpmyadmin-devel] XSS safe checks

Edward Cheng c4150221 at gmail.com
Wed Jul 2 08:26:31 CEST 2014

>From this comment:
I find I save a bookmark which label named
"<script>alert("XSS");</script>", it runs while I click SQL tab.
Is it safe enough? Should we add htmlspecialchars() to INSERT query
included functions(e.g. PMA_Bookmark_save)?

Edward Cheng

More information about the Developers mailing list