Koha/koha-tmpl/intranet-tmpl/prog/en/modules
Chris 603a111d3a Bug 14423: Multiple XSS bugs in suggestion.pl
To test
1/ Hit a url like http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&accepteddate_to=
2/ Notice alert box(es)
3/ Apply patch
4/ Reload and notice alert is gone

Repeat for
collection_title
copyrightdate
isbn
manageddate_from
manageddate_to
publishercode
suggesteddate_from
suggesteddate_to

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-23 10:12:33 -03:00
acqui Bug 14423: XSS bug in lateorders 2015-06-23 10:11:57 -03:00
admin Bug 14423: XSS issues in marc_subfields_structure 2015-06-23 10:12:11 -03:00
authorities
basket Bug 14329: Useless copy/pasta from Template::Plugin::HtmlToText 2015-06-08 09:47:06 -03:00
batch
catalogue Bug 14423: XSS bugs in catalogue search 2015-06-23 10:12:18 -03:00
cataloguing Bug 13904: Make unimarc_field_4XX displays usefull 200 subfield data 2015-06-19 11:35:57 -03:00
circ Bug 14356: Improvements to the 'Transfers to receive' page 2015-06-22 17:30:53 -03:00
common
course_reserves
errors
help Bug 14424: Tools Help Files for 3.20 2015-06-22 11:06:21 -03:00
installer
labels Bug 12160: Rename intranetuserjs with IntranetUserJS 2015-05-26 10:42:07 -03:00
members Bug 10866: Hide patron's history if intranetreadinghistory is set to not allow 2015-06-19 11:34:27 -03:00
offline_circ
patron_lists
patroncards
plugins
reports Bug 14029: Provide 'clear' link to empty reports search filters 2015-06-11 13:08:53 -03:00
reserve
reviews
rotating_collections
serials Bug 14423: Multiple XSS vulnerabilities in serials-search 2015-06-23 10:12:26 -03:00
services
sms
suggestion Bug 14423: Multiple XSS bugs in suggestion.pl 2015-06-23 10:12:33 -03:00
tags
test
tools Bug 13874: 'Rotating collections' are a circulation tool 2015-06-22 11:47:37 -03:00
virtualshelves Bug 14416: Stored XSS vulnerability - add biblio to shelf (intranet) 2015-06-22 11:00:09 -03:00
about.tt Bug 7143: Release team for 3.22 2015-05-27 12:44:15 -03:00
auth.tt
intranet-main.tt