Koha/koha-tmpl at d31c635fe2cc6d0b715661d35a02723a48e42e2b - Koha-community/Koha - Koha: The world's first free and open source library system

History

Amit Gupta d31c635fe2 Bug 19112 - Stored XSS in basketheader.pl page To Test 1. Hit the page /cgi-bin/koha/acqui/basketheader.pl?booksellerid=1&op=add_form 2. Add a text in the field Basket name, Internal note, Vendor note that contains java script 3. Save the page 4. Notice js is execute 5. Apply patch, reload, js is escaped. Fixed XSS on pages basket.pl/basketheader.pl/bookseller.pl Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>		2017-08-29 12:00:37 -03:00
..
intranet-tmpl	Bug 19112 - Stored XSS in basketheader.pl page	2017-08-29 12:00:37 -03:00
opac-tmpl	Bug 18726: Fix XSS at the OPAC - biblionumber	2017-08-29 12:00:37 -03:00
favicon.ico
index.html
intranet.html
opac.html