Bug 14416: Stored XSS vulnerability
opac-addbybiblionumber.pl is also vulnerable because it doesn't escape list names.

To test:
1/ Create a malicious list name
2/ Try to add a biblio to the lists
3/ Notice js is executed
4/ Apply patch
5/ Test again

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
This commit is contained in:
parent
703a928b9d
commit
fb51a4bb0f
1 changed files with 2 additions and 2 deletions
@ -30,12 +30,12 @@
<label for="shelfnumber">Add to list:</label> <select name="shelfnumber" id="shelfnumber">
[% IF ( privatevirtualshelves ) %]<optgroup label="Private Lists">
[% FOREACH privatevirtualshelve IN privatevirtualshelves %]
<option value="[% privatevirtualshelve.shelfnumber %]">[% privatevirtualshelve.shelfname %]</option>
<option value="[% privatevirtualshelve.shelfnumber %]">[% privatevirtualshelve.shelfname | html%]</option>
[% END %]
</optgroup>[% END %]
[% IF ( publicvirtualshelves ) %]<optgroup label="Public Lists">
[% FOREACH publicvirtualshelve IN publicvirtualshelves %]
<option value="[% publicvirtualshelve.shelfnumber %]">[% publicvirtualshelve.shelfname %]</option>
<option value="[% publicvirtualshelve.shelfnumber %]">[% publicvirtualshelve.shelfname |html%]</option>
[% END %]
</optgroup>[% END %]
</select>
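Review bot: the two new option lines apply the escape filter with inconsistent spacing (`[% privatevirtualshelve.shelfname | html%]` versus `[% publicvirtualshelve.shelfname |html%]`); write both as `| html %]` so the filter usage is uniform and easy to grep for in later audits. The fix itself is right: `shelfname` is user-controlled and was previously interpolated raw into the `<option>` text in both the private and public loops. The `shelfnumber` values in the `value` attributes on those same lines are still emitted unfiltered; if they always come from the database as integers that is harmless, but applying `| html` to them as well costs nothing and removes the need to reason about it.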