XSS Bug in Query View
Started by Albrecht Scheidigalmost 7 years ago2 messagesbugs
When entering the following query and hit 'execute', xss is executed:
SELECT '<<SCRIPT>alert("XSS ");//<</SCRIPT>';
pgadmin 4.8
Re: XSS Bug in Query View
Hi Albrecht,
Fix will be available in next release of pgadmin4 4.9.
On Wed, Jun 19, 2019 at 8:48 PM Albrecht Scheidig <albrecht.scheidig@hype.de>
wrote:
When entering the following query and hit 'execute', xss is executed:
SELECT '<<SCRIPT>alert("XSS ");//<</SCRIPT>';
pgadmin 4.8
--
Fahar Abbas
QMG
EnterpriseDB Corporation
Phone Office: +92-51-835-8874
Phone Direct: +92-51-8466803
Mobile: +92-333-5409707
Skype ID: *live:fahar.abbas*
Website: www.enterprisedb.com