Koha/koha-tmpl/intranet-tmpl at 8534ca278022e82f55b1907bac31afa7e86b9d5f - Koha-community/Koha - Koha: The world's first free and open source library system

History

Amit Gupta 8534ca2780 Bug 19114 - Stored XSS in parcels.pl Test 1. Hit the page /cgi-bin/koha/acqui/parcels.pl?booksellerid=xx xx is booksellerid 2. Add a text in the field Vendor invoice that contains java script 3. Save the page. 4. Notice js is execute 5. Apply patch and reload the js is escaped Fixed XSS for parcels.pl/parcel.pl/orderreceive.pl Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>		2017-08-29 12:00:37 -03:00
..
js	Bug 16456: Add Font Awesome icons to some buttons in Tools module, section Patrons and circulation	2016-06-17 15:40:24 +00:00
lib	Bug 17288 - Advanced Editor - Rancor - Helpers for 006 and 007 fields	2017-08-25 10:59:03 -03:00
prog	Bug 19114 - Stored XSS in parcels.pl	2017-08-29 12:00:37 -03:00