Postgres Pro
Downloads
Home   >   mailing lists

Bug #4387 - User can not insert any value on view data if table and column name contains *SELECT '<';* - Mailing list pgadmin-hackers

From Yogesh Mahajan
Subject Bug #4387 - User can not insert any value on view data if table and column name contains *SELECT '<';*
Date
Msg-id CAMa=N=OvqpwM8XgVb58NFnoQZr6XuVDfe+SL-=yfO6D=DMbLfw@mail.gmail.com
Whole thread Raw
Responses Re: Bug #4387 - User can not insert any value on view data if table and column name contains *SELECT '<';*  (Akshay Joshi <akshay.joshi@enterprisedb.com>)
List pgadmin-hackers
Tree view
Hello,

Please find patch which fixes 2 issues reported in Bug #4387 
  1.Incorrect Column name when column name is like *'SELECT '<<SCRIPT>alert("XSS ");//<</SCRIPT>;*''
  2.Unable to enter data when the above column is primary key.

Thanks,
Yogesh Mahajan
QA - Team
EnterpriseDB Corporation

Phone: +91-9741705709
Attachment

pgadmin-hackers by date:

Previous
From: Akshay Joshi
Date:
Subject: Re: Patch for SonarQube code scan fixes.
Next
From: Pramod Ahire
Date:
Subject: Code coverage report generation for JS files