
Bug 19054 - XSS Flaws in Report - Top Most-circulated items

1. Hit /cgi-bin/koha/reports/cat_issues_top.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the Callnumber, Day, Month, and Year search boxes.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload the page, and enter the iframe again in the Callnumber, Day, Month, and Year search boxes.
6. Notice it is no longer executed.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
17.11.x
Amit Gupta 7 years ago
committed by Jonathan Druart
parent
commit
1a7040b7b0
koha-tmpl/intranet-tmpl/prog/en/modules/reports/cat_issues_top.tt

@ -59,7 +59,7 @@
[% IF ( mainloo.loopfilter ) %]
<p>Filtered on:</p>
[% FOREACH loopfilte IN mainloo.loopfilter %]
<p>[% IF ( loopfilte.err ) %] [% END %] [% loopfilte.crit %] =[% loopfilte.filter %][% IF ( loopfilte.err ) %] [% END %]</p>
<p>[% IF ( loopfilte.err ) %] [% END %] [% loopfilte.crit %] =[% loopfilte.filter |html %][% IF ( loopfilte.err ) %] [% END %]</p>
[% END %]
[% END %]
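Review bot: the `|html` filter on `loopfilte.filter` in the added line closes the reported reflection, but `loopfilte.crit` on the same line is still interpolated unescaped; if the criterion label can ever carry request-supplied text it needs the same treatment, e.g. `[% loopfilte.crit | html %] =[% loopfilte.filter | html %]`. Since this hunk covers only one output point in cat_issues_top.tt, it is worth confirming that no other place in this report renders the same filter values without the filter.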
