[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. 4a0c2d3e09961ce3717d0b2ecb20a1e744c79826

Marc Delisle lem9 at users.sourceforge.net
Sat Dec 3 16:09:09 CET 2011

The branch, master has been updated
       via  4a0c2d3e09961ce3717d0b2ecb20a1e744c79826 (commit)
      from  23f165c6d8ed9fa195a47ce8a639a6c45007705e (commit)

- Log -----------------------------------------------------------------
commit 4a0c2d3e09961ce3717d0b2ecb20a1e744c79826
Author: Marc Delisle <marc at infomarc.info>
Date:   Sat Dec 3 10:06:54 2011 -0500

    Update to PMASA-2011-18


Summary of changes:
 templates/security/PMASA-2011-18 |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/templates/security/PMASA-2011-18 b/templates/security/PMASA-2011-18
index 2965f59..a13680b 100644
--- a/templates/security/PMASA-2011-18
+++ b/templates/security/PMASA-2011-18
@@ -8,6 +8,10 @@ PMASA-2011-18
+<py:def function="announcement_updated">
 <py:def function="announcement_summary">
 Multiple XSS.
@@ -19,7 +23,7 @@ Using a crafted column type, it was possible to produce XSS in the table search
 <py:def function="announcement_mitigation">
-These attacks are unlikely to succeed on a victim.
+These attacks are unlikely to succeed on a victim. Moreover, all these attacks require that the user be already logged in and that a valid token be part of the request.
 <py:def function="announcement_severity">

phpMyAdmin website

More information about the Git mailing list