Details
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "Novell Bugzilla entry: 450796 SUSE Security Advisories:- SUSE-SR:2009:003, published Mon, 02 Feb 2009 16:30:00 +0000
- SUSE-SR:2009:003 , published Mon, 02 Feb 2009 16:30:00 +0000
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| openSUSE 10.3 openSUSE 11.0 |
| ZYPP Patch Nr: 5935 SAT Patch Nr: 442 |