Koha/koha-tmpl at 46b0b0a75b01d700ec02c458896c27760e604465 - Koha-community/Koha - Koha: The world's first free and open source library system

History

Amit Gupta 46b0b0a75b Bug 19034: XSS Flaws in Z39.50/SRU servers administration 1. Hit /cgi-bin/koha/admin/z3950servers.pl 2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> search Z39.50/SRU servers box. 3. Notice the iframe is executed. 4. Apply patch. 5. Reload page, and enter iframe again on search Z39.50/SRU servers box. 6. Notice it is no longer executed. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>		2017-08-29 12:00:37 -03:00
..
intranet-tmpl	Bug 19034: XSS Flaws in Z39.50/SRU servers administration	2017-08-29 12:00:37 -03:00
opac-tmpl	Bug 18726: Fix XSS at the OPAC - biblionumber	2017-08-29 12:00:37 -03:00
favicon.ico
index.html
intranet.html
opac.html