Koha/koha-tmpl
Chris 603a111d3a Bug 14423: Multiple XSS bugs in suggestion.pl
To test
1/ Hit a url like http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&accepteddate_to=
2/ Notice alert box(es)
3/ Apply patch
4/ Reload and notice alert is gone

Repeat for
collection_title
copyrightdate
isbn
manageddate_from
manageddate_to
publishercode
suggesteddate_from
suggesteddate_to

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-23 10:12:33 -03:00
intranet-tmpl Bug 14423: Multiple XSS bugs in suggestion.pl 2015-06-23 10:12:33 -03:00
opac-tmpl Bug 5025: discrepancy between opac doc-head-open.inc and staff doc-head-open.inc 2015-06-22 17:04:48 -03:00
favicon.ico Getting rid of pesky favicon.ico log message 2005-06-14 23:22:11 +00:00
index.html
intranet.html
opac.html