Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#4503 (ok 4.0.10.2) Self-XSSes in monitor

4.0.10
fixed
None
1
2014-08-17
2014-08-06
No

Steps: Monitor -> settings -> add chart -> Chose status variables from radio buttons -> type variable name as '' -> Chose append unit to data values and type '' -> Click 'Add this series'.

Affected versions: 4.0.x, 4.1.x, 4.2.x

Problematic line: server_status_monitor.js L905 & L911 (in QA_4_2) "str += serie.unit ? (', ' + PMA_messages.strUnit + ': ' + serie.unit) : '';" and "$('#seriesPreview').append('- ' + newSeries.label + str + '
');"

Discussion

  • Marc Delisle
    Marc Delisle
    2014-08-17

    • private: Yes --> No
     
  • Marc Delisle
    Marc Delisle
    2014-08-17

    • summary: Self-XSSes in monitor --> (ok 4.0.10.2) Self-XSSes in monitor
    • status: open --> fixed
    • assigned_to: Madhura Jayaratne
    • Priority: 5 --> 1