Koha/koha-tmpl/intranet-tmpl/prog/en/modules/admin
Amit Gupta 46b0b0a75b Bug 19034: XSS Flaws in Z39.50/SRU servers administration
1. Hit /cgi-bin/koha/admin/z3950servers.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the search Z39.50/SRU servers box.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload the page, and enter the iframe again in the search Z39.50/SRU servers box.
6. Notice it is no longer executed.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
preferences Bug 16892: Add automatic patron registration via OAuth2 login 2017-08-25 10:51:25 -03:00
searchengine/elasticsearch
admin-home.tt Bug 18700 Fix grammar (data cannot be pluralized) 2017-06-05 11:46:58 -03:00
aqbudgetperiods.tt
aqbudgets.tt
aqcontract.tt
aqplan.tt
audio_alerts.tt
auth_subfields_structure.tt
auth_tag_structure.tt
authorised_values.tt
authtypes.tt
biblio_framework.tt
branch_transfer_limits.tt Bug 18965 - branch transfer limits pagination save bug 2017-07-24 13:38:14 -03:00
branches.tt
categories.tt Bug 19034: XSS Flaws in Patron categories pages 2017-08-29 12:00:37 -03:00
checkmarc.tt
cities.tt Bug 19034: XSS Flaws in Cities 2017-08-29 12:00:37 -03:00
classsources.tt
clone-rules.tt
columns_settings.tt
currency.tt Bug 18684 - Get rid of %%] in translation for currency.tt 2017-06-21 11:23:47 -03:00
didyoumean.tt
edi_accounts.tt Bug 18699: Get rid of %%] in translation for edi_accounts.tt 2017-06-16 17:04:08 -03:00
edi_ean_accounts.tt
fieldmapping.tt
item_circulation_alerts.tt
items_search_field.tt
items_search_fields.tt
itemtypes.tt Bug 17944 - Add Koha::ItemType->can_be_deleted and use it from admin/itemtypes.pl 2017-06-05 11:59:10 -03:00
koha2marclinks.tt
localization.tt
marc_subfields_structure.tt
marctagstructure.tt
matching-rules.tt Bug 18824: Remove stray i from matching-rules.tt 2017-07-06 14:29:04 -03:00
oai_set_mappings.tt
oai_sets.tt
patron-attr-types.tt
preferences.tt Bug 19078 - XSS Flaws in System preferences 2017-08-29 12:00:37 -03:00
printers.tt
smart-rules.tt Bug 19027 - Circulation rules: Better wording for standard rules for all libraries 2017-08-10 16:25:35 -03:00
sms_providers.tt
sru_modmapping.tt
systempreferences.tt
transport-cost-matrix.tt
usage_statistics.tt
z3950servers.tt Bug 19034: XSS Flaws in Z39.50/SRU servers administration 2017-08-29 12:00:37 -03:00