Koha/koha-tmpl/intranet-tmpl/prog/en/modules/admin/cities.tt
Amit Gupta 3f7fc907ba Bug 19034: XSS Flaws in Cities
1. Hit /cgi-bin/koha/admin/cities.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the search cities box.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload the page and enter the iframe again in the search cities box.
6. Notice it is no longer executed.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00


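[% INCLUDE 'doc-head-open.inc' %]
<title>Koha &rsaquo; Administration &rsaquo; [% IF op =='add_form' %]Cities &rsaquo; [% IF city.cityid %] Modify city[% ELSE %] New city[% END %][% ELSE %][% IF op == 'delete_confirm' %]Cities &rsaquo; Confirm deletion of city[% ELSE %] Cities[% END %][% END %]</title>
[% INCLUDE 'doc-head-close.inc' %]
<link rel="stylesheet" type="text/css" href="[% interface %]/[% theme %]/css/datatables.css" />
[% INCLUDE 'datatables.inc' %]
<script type="text/javascript">
//<![CDATA[
// Cities list table: the two trailing columns (Edit/Delete actions) are
// neither sortable nor searchable; default sort is by city name, ascending.
$(document).ready(function() {
$("#table_cities").dataTable($.extend(true, {}, dataTablesDefaults, {
"aoColumnDefs": [
{ "aTargets": [ -1, -2 ], "bSortable": false, "bSearchable": false },
],
"aaSorting": [[ 1, "asc" ]],
"iDisplayLength": 10,
"sPaginationType": "full_numbers"
}));
});
//]]>
</script>
</head>
<body id="admin_cities" class="admin">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'cities-admin-search.inc' %]
<div id="breadcrumbs">
<a href="/cgi-bin/koha/mainpage.pl">Home</a>
&rsaquo; <a href="/cgi-bin/koha/admin/admin-home.pl">Administration</a>
&rsaquo; <a href="/cgi-bin/koha/admin/cities.pl">Cities</a>
[% IF op == 'add_form' %]
&rsaquo; [% IF city.cityid %]Modify[% ELSE %]New[% END %] City
[% ELSIF op == 'delete_confirm' %]
&rsaquo; Confirm deletion of city
[% END %]
</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
[%# Every value that originates from the request or from the cities table
    (searchfield, cityid, city_name, city_state, city_zipcode, city_country)
    is passed through the html filter when it is written into element
    content or an attribute, and through the uri filter when it is written
    into a query string. A stored value containing markup is then rendered
    as text instead of being interpreted by the browser. %]
[% FOR m IN messages %]
<div class="dialog [% m.type %]">
[% SWITCH m.code %]
[% CASE 'error_on_update' %]
An error occurred when updating this city. Perhaps it already exists.
[% CASE 'error_on_insert' %]
An error occurred when adding this city. The city id might already exist.
[% CASE 'error_on_delete' %]
An error occurred when deleting this city. Check the logs.
[% CASE 'success_on_update' %]
City updated successfully.
[% CASE 'success_on_insert' %]
City added successfully.
[% CASE 'success_on_delete' %]
City deleted successfully.
[% CASE 'already_exists' %]
This city already exists.
[% CASE %]
[%# Fallback for a message code without a translation above. %]
[% m.code |html %]
[% END %]
</div>
[% END %]
[% IF op == 'add_form' %]
[% IF city %]
<h1>Modify a city</h1>
[% ELSE %]
<h1>New city</h1>
[% END %]
<form action="/cgi-bin/koha/admin/cities.pl" name="Aform" method="post" class="validated">
<input type="hidden" name="op" value="add_validate" />
<input type="hidden" name="cityid" value="[% city.cityid |html %]" />
<fieldset class="rows">
<ol>
[% IF city %]
<li><span class="label">City ID: </span>[% city.cityid |html %]</li>
[% END %]
<li>
<label for="city_name" class="required">City: </label>
<input type="text" name="city_name" id="city_name" size="80" maxlength="100" value="[% city.city_name |html %]" required="required" class="required" /> <span class="required">Required</span>
</li>
<li>
<label for="city_state">State: </label>
<input type="text" name="city_state" id="city_state" size="80" maxlength="100" value="[% city.city_state |html %]" />
</li>
<li>
<label for="city_zipcode" class="required">ZIP/Postal code: </label>
<input type="text" name="city_zipcode" id="city_zipcode" size="20" maxlength="20" value="[% city.city_zipcode |html %]" required="required" class="required" /> <span class="required">Required</span>
</li>
<li>
<label for="city_country">Country: </label>
<input type="text" name="city_country" id="city_country" size="80" maxlength="100" value="[% city.city_country |html %]" />
</li>
</ol>
</fieldset>
<fieldset class="action">
<input type="submit" value="Submit" />
<a class="cancel" href="/cgi-bin/koha/admin/cities.pl">Cancel</a>
</fieldset>
</form>
[% END %]
[% IF op == 'delete_confirm' %]
<div class="dialog alert">
<h3>Delete city "[% city.city_name |html %]?"</h3>
<table>
<tr><th>City id</th>
<td>[% city.cityid |html %]</td>
</tr>
<tr><th>City</th>
<td>[% city.city_name |html %]</td>
</tr>
<tr><th>State</th>
<td>[% city.city_state |html %]</td>
</tr>
<tr><th>ZIP/Postal code</th>
<td>[% city.city_zipcode |html %]</td>
</tr>
<tr><th>Country</th>
<td>[% city.city_country |html %]</td>
</tr>
</table>
<form action="/cgi-bin/koha/admin/cities.pl" method="post">
<input type="hidden" name="op" value="delete_confirmed" />
<input type="hidden" name="cityid" value="[% city.cityid |html %]" />
<button type="submit" class="approve"><i class="fa fa-fw fa-check"></i> Yes, delete</button>
</form>
<form action="/cgi-bin/koha/admin/cities.pl" method="get">
<button type="submit" class="deny"><i class="fa fa-fw fa-remove"></i> No, do not delete</button>
</form>
</div>
[% END %]
[% IF op == 'list' %]
<div id="toolbar" class="btn-toolbar">
<a class="btn btn-default btn-sm" id="newcity" href="/cgi-bin/koha/admin/cities.pl?op=add_form"><i class="fa fa-plus"></i> New city</a>
</div>
<h2>Cities</h2>
[% IF searchfield %]
Searching: [% searchfield |html %]
[% END %]
[% IF cities.count %]
<table id="table_cities">
<thead>
<tr>
<th>City ID</th>
<th>City</th>
<th>State</th>
<th>ZIP/Postal code</th>
<th>Country</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
[% FOREACH city IN cities %]
<tr>
<td>[% city.cityid |html %]</td>
<td>[% city.city_name |html %]</td>
<td>[% city.city_state |html %]</td>
<td>[% city.city_zipcode |html %]</td>
<td>[% city.city_country |html %]</td>
<td class="actions">
<a class="btn btn-default btn-xs" href="/cgi-bin/koha/admin/cities.pl?op=add_form&amp;cityid=[% city.cityid |uri %]"><i class="fa fa-pencil"></i> Edit</a>
<a class="btn btn-default btn-xs" href="/cgi-bin/koha/admin/cities.pl?op=delete_confirm&amp;cityid=[% city.cityid |uri %]"><i class="fa fa-trash"></i> Delete</a>
</td>
</tr>
[% END %]
</tbody>
</table>
[% ELSE %]
<div class="dialog message">
There are no cities defined. <a href="/cgi-bin/koha/admin/cities.pl?op=add_form">Create a new city</a>.
</div>
[% END %]
[% END %]
</div>
</div>
<div class="yui-b">
[% INCLUDE 'admin-menu.inc' %]
</div>
</div>
[% INCLUDE 'intranet-bottom.inc' %]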