Bug 19052 - XSS Flaws in vendor search page

1. Hit /cgi-bin/koha/acqui/booksellers.pl 2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> vendor search box. 3. Notice the iframe is executed. 4. Apply patch. 5. Reload page, and enter iframe again on vendor search box. 6. Notice it is no longer executed. Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-07 22:04:30 +05:30 · 2017-08-07 22:04:30 +05:30 · 3199cff639
commit 3199cff639
parent 1a7040b7b0
1 changed files with 1 additions and 1 deletions
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/booksellers.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/booksellers.tt
@ -55,7 +55,7 @@ $(document).ready(function() {
 [% INCLUDE 'header.inc' %]
 [% INCLUDE 'acquisitions-search.inc' %]

-<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/acqui/acqui-home.pl">Acquisitions</a> &rsaquo; Search for vendor <em>[% supplier %]</em> </div>
+<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/acqui/acqui-home.pl">Acquisitions</a> &rsaquo; Search for vendor <em>[% supplier |html %]</em> </div>

 <div id="doc3" class="yui-t2">