Koha/koha-tmpl/intranet-tmpl/prog/en/modules
Chris a5489d9936 Bug 14423: XSS bugs in catalogue search
To test

1/ hit a url like http://localhost:8081/cgi-bin/koha/catalogue/search.pl?limit=%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
2/ Notice alert boxes
3/ Apply patch
4/ Reload url, no alerts
5/ Check search still works

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-23 10:12:18 -03:00
acqui Bug 14423: XSS bug in lateorders 2015-06-23 10:11:57 -03:00
admin Bug 14423: XSS issues in marc_subfields_structure 2015-06-23 10:12:11 -03:00
authorities
basket Bug 14329: Useless copy/pasta from Template::Plugin::HtmlToText 2015-06-08 09:47:06 -03:00
batch
catalogue Bug 14423: XSS bugs in catalogue search 2015-06-23 10:12:18 -03:00
cataloguing Bug 13904: Make unimarc_field_4XX displays useful 200 subfield data 2015-06-19 11:35:57 -03:00
circ Bug 14356: Improvements to the 'Transfers to receive' page 2015-06-22 17:30:53 -03:00
common
course_reserves
errors
help Bug 14424: Tools Help Files for 3.20 2015-06-22 11:06:21 -03:00
installer
labels Bug 12160: Rename intranetuserjs with IntranetUserJS 2015-05-26 10:42:07 -03:00
members Bug 10866: Hide patron's history if intranetreadinghistory is set to not allow 2015-06-19 11:34:27 -03:00
offline_circ
patron_lists
patroncards
plugins
reports Bug 14029: Provide 'clear' link to empty reports search filters 2015-06-11 13:08:53 -03:00
reserve
reviews
rotating_collections
serials Bug 13662: Fix the serials.receive_serials permissions 2015-06-05 12:53:09 -03:00
services
sms
suggestion
tags
test
tools Bug 13874: 'Rotating collections' are a circulation tool 2015-06-22 11:47:37 -03:00
virtualshelves Bug 14416: Stored XSS vulnerability - add biblio to shelf (intranet) 2015-06-22 11:00:09 -03:00
about.tt Bug 7143: Release team for 3.22 2015-05-27 12:44:15 -03:00
auth.tt
intranet-main.tt