Koha/koha-tmpl/intranet-tmpl/prog/en
Amit Gupta c57d0b71c7 Bug 19050 - XSS Flaws in Quick spine label creator
1. Hit /cgi-bin/koha/labels/spinelabel-home.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the barcode text box.
3. Notice the iframe is executed
4. Apply patch
5. Reload page, and enter the iframe again in the barcode text box.
6. Notice it is no longer executed

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
..
data Bug 17288: (follow-up) Fix marc21_field_007.xml 2017-08-25 10:59:03 -03:00
includes Bug 18447 - Datepicker only shows -10/+10 years 2017-08-25 11:38:46 -03:00
js
modules Bug 19050 - XSS Flaws in Quick spine label creator 2017-08-29 12:00:37 -03:00
xslt Bug 15140 (QA Followup) lowercase the search index 2017-07-26 14:42:45 -03:00
columns.def