Koha/koha-tmpl at 1a7040b7b0596a25a988568f0da0b47dd12c9f28 - Koha-community/Koha - Koha: The world's first free and open source library system

History

Amit Gupta 1a7040b7b0 Bug 19054 - XSS Flaws in Report - Top Most-circulated items 1. Hit /cgi-bin/koha/reports/cat_issues_top.pl 2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in Callnumber, Day, Month, Year search box. 3. Notice the iframe is executed. 4. Apply patch. 5. Reload page, and enter iframe again on Callnumber, Day, Month, Year search box. 6. Notice it is no longer executed. Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>		2017-08-29 12:00:37 -03:00
..
intranet-tmpl	Bug 19054 - XSS Flaws in Report - Top Most-circulated items	2017-08-29 12:00:37 -03:00
opac-tmpl	Bug 18726: Fix XSS at the OPAC - biblionumber	2017-08-29 12:00:37 -03:00
favicon.ico
index.html
intranet.html
opac.html