Koha/koha-tmpl/intranet-tmpl
Amit Gupta 3199cff639 Bug 19052 - XSS Flaws in vendor search page
1. Hit /cgi-bin/koha/acqui/booksellers.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the vendor search box.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload page, and enter iframe again in the vendor search box.
6. Notice it is no longer executed.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
js
lib Bug 17288 - Advanced Editor - Rancor - Helpers for 006 and 007 fields 2017-08-25 10:59:03 -03:00
prog Bug 19052 - XSS Flaws in vendor search page 2017-08-29 12:00:37 -03:00