Koha/koha-tmpl at 4e817ee04c2b5fbc2353ff382c6630322e57d8ae - Koha-community/Koha - Koha: The world's first free and open source library system

History

Chris Cormack 4e817ee04c Bug 16587 opac-sendshelf.pl is vulnerable to XSS To test 1/ Hit a url like http://localhost:8080/cgi-bin/koha/opac-sendshelf.pl?email=%3Cscript%3Ealert(%27XSS%27)%3C%2Fscript%3Ezz%40zz&comment=tes&shelfid=4 2/ Notice you get a js alert 3/ Apply patch 4/ Notice the js is now escaped Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>		2016-05-25 22:14:33 +00:00
..
intranet-tmpl	Bug 16343: 7XX XSLT subfields displaying out of order	2016-05-23 17:24:12 +00:00
opac-tmpl	Bug 16587 opac-sendshelf.pl is vulnerable to XSS	2016-05-25 22:14:33 +00:00
favicon.ico
index.html
intranet.html
opac.html