Hi Thijs, * Thijs Kinkhorst <[EMAIL PROTECTED]> [2007-11-18 03:36]: > severity 451465 important > thanks > > On Sat, November 17, 2007 15:47, Nico Golde wrote: > > # Automatically generated email from bts, devscripts version 2.10.11 > > # this can be really eval in shared environments > > severity 451465 grave > > If you let users create databases, you've got a lot more concerns than > cross site scripting locally in phpMyAdmin if you can't trust them. This > is 'important' at the very, very most.
I raised it because of the sql injection not because of the cross-site scripting issue. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpEvz6S8PmBl.pgp
Description: PGP signature

