diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php
index d668dd13..6a3930f0 100644
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@@ -7,7 +7,7 @@
 * @return null
 */
 function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
- global $LANG, $adminer, $connection, $drivers, $jush;
+ global $LANG, $VERSION, $adminer, $connection, $drivers, $jush;
 page_headers();
 $title_all = $title . ($title2 != "" ? ": $title2" : "");
 $title_page = strip_tags($title_all . (SERVER != "" && SERVER != "localhost" ? h(" - " . SERVER) : "") . " - " . $adminer->name());
@@ -29,7 +29,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
-');">
+');">
diff --git a/adminer/static/functions.js b/adminer/static/functions.js
index 819e6655..0d8c38fa 100644
--- a/adminer/static/functions.js
+++ b/adminer/static/functions.js
@@ -30,12 +30,29 @@ function cookie(assign, days) {
 }

 /** Verify current Adminer version
+* @param string
 */
-function verifyVersion() {
+function verifyVersion(current) {
 cookie('adminer_version=0', 1);
- var script = document.createElement('script');
- script.src = location.protocol + '//www.adminer.org/version.php';
- document.body.appendChild(script);
+ var iframe = document.createElement('iframe');
+ iframe.src = location.protocol + '//www.adminer.org/version/?current=' + current;
+ iframe.frameBorder = 0;
+ iframe.marginHeight = 0;
+ iframe.scrolling = 'no';
+ iframe.style.width = '7ex';
+ iframe.style.height = '1.25em';
+ if (window.postMessage && window.addEventListener) {
+ iframe.style.display = 'none';
+ addEventListener('message', function (event) {
+ if (event.origin == location.protocol + '//www.adminer.org') {
+ var match = /version=(.+)/.exec(event.data);
+ if (match) {
+ cookie('adminer_version=' + match[1], 1);
+ }
+ }
+ }, false);
+ }
+ document.getElementById('version').appendChild(iframe);
 }

 /** Get value of select
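Review bot: In the `message` listener of `verifyVersion`, `/version=(.+)/` is unanchored and accepts any characters, so everything the frame posts after `version=` is written into the `adminer_version` cookie, including `;` and whitespace. The origin check is built from `location.protocol`, so on a page served over plain HTTP it trusts `http://www.adminer.org`, which offers no integrity against someone on the network path, and the listener never compares `event.source` with `iframe.contentWindow`. I would narrow the match to a version-shaped token, `var match = /^version=([\w.-]+)$/.exec(event.data);` (assuming version strings only use those characters), and add `event.source === iframe.contentWindow` to the `if`. `current` is also appended to the URL without `encodeURIComponent(current)`, which is harmless for a fixed version string but cheap to add.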
diff --git a/changes.txt b/changes.txt
index adea07ce..3f19c43f 100644
--- a/changes.txt
+++ b/changes.txt
@@ -16,6 +16,7 @@ Encrypt passwords stored in session by a key stored in cookie
 Don't append newlines to uploaded files, bug since Adminer 3.7.0
 Don't display SQL edit form on Ctrl+click on the select query, introduced in Adminer 3.6.4
 Use MD5 for editing long keys only in supported drivers, bug since Adminer 3.6.4
+Don't execute external JavaScript when verifying version
 Protect CSRF token against BREACH
 SQLite: Allow editing primary key
 SQLite: Allow editing foreign keys