Koha/koha-tmpl at 8534ca278022e82f55b1907bac31afa7e86b9d5f - Koha-community/Koha - Koha: The world's first free and open source library system

History

Amit Gupta 8534ca2780 Bug 19114 - Stored XSS in parcels.pl Test 1. Hit the page /cgi-bin/koha/acqui/parcels.pl?booksellerid=xx xx is booksellerid 2. Add a text in the field Vendor invoice that contains java script 3. Save the page. 4. Notice js is execute 5. Apply patch and reload the js is escaped Fixed XSS for parcels.pl/parcel.pl/orderreceive.pl Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>		2017-08-29 12:00:37 -03:00
..
intranet-tmpl	Bug 19114 - Stored XSS in parcels.pl	2017-08-29 12:00:37 -03:00
opac-tmpl	Bug 18726: Fix XSS at the OPAC - biblionumber	2017-08-29 12:00:37 -03:00
favicon.ico
index.html
intranet.html
opac.html