Koha/koha-tmpl/intranet-tmpl/prog/en
Amit Gupta 8c3da35130 Bug 19033: XSS Flaws in Currencies and exchange page
1. Hit /cgi-bin/koha/admin/currency.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the search currencies box.
3. Notice the iframe is executed
4. Apply patch
5. Reload the page, and enter the iframe again in the search currencies box.
6. Notice it is no longer executed

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Fixes the issue, follows common practice on the codebase.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
data Bug 17288: (follow-up) Fix marc21_field_007.xml 2017-08-25 10:59:03 -03:00
includes Bug 18447 - Datepicker only shows -10/+10 years 2017-08-25 11:38:46 -03:00
js Bug 16795 - Patron categories: Accept integers only for enrolment period and age limits 2016-07-08 13:15:31 +00:00
modules Bug 19033: XSS Flaws in Currencies and exchange page 2017-08-29 12:00:37 -03:00
xslt Bug 15140 (QA Followup) lowercase the search index 2017-07-26 14:42:45 -03:00
columns.def Bug 17196: Remove occurrence of marcxml in columns.def 2017-01-13 13:49:30 +00:00