Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/tools
History
Jonathan Druart f563ba795e Bug 17024: Fix XSS in tools/viewlog.pl 
Test plan:
    Hit /tools/viewlog.pl?do_it=1&modules=CATALOGUING&action=MODIFY&object=<script>alert("XSS")</script>

=> Without this patch you will see the alert
=> With this patch, no more alert

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-08-04 18:16:21 +00:00
..
automatic_item_modification_by_age.tt Bug 16437 - Automatic item modifications by age needs prettying 2016-05-31 11:57:12 +00:00
batch_delete_records.tt Bug 16438: (followup) remove item where no single icon exist for options 2016-05-05 19:49:34 +00:00
batch_record_modification.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
batchMod-del.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
batchMod-edit.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
batchMod.tt
cleanborrowers.tt Bug 10612 - Add ability to delete patrons with batch patron deletion tool 2016-04-01 19:52:13 +00:00
csv-profiles.tt Bug 15451: Better error handling 2016-07-22 17:18:37 +00:00
export.tt Bug 16548 - All libraries selected on Tools -> Export Data screen 2016-05-30 11:17:28 +00:00
holidays.tt Bug 16602 - Remove the use of "onclick" from several templates 2016-06-24 13:56:23 +00:00
import_borrowers.tt Bug 16426: follow-up of bug 15840 - correctly manage userid while inserting patrons 2016-05-06 03:41:37 +00:00
inventory.tt Bug 16454: Use 'inventory' instead of 'inventory/stocktaking' 2016-05-16 17:42:39 +00:00
koha-news.tt Bug 16372 - Replace the use of "onclick" for deletion confirmation in some templates 2016-04-29 16:11:14 +00:00
letter.tt Bug 1859: Do not display <<>> if an entry without value is selected 2016-05-16 17:25:57 +00:00
manage-marc-import.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
marc_modification_templates.tt Bug 16148 [Follow-up] - Use Font Awesome for arrows instead of images 2016-06-17 16:11:44 +00:00
modborrowers.tt Bug 16681 - Allow update of opacnote via batch patron modification tool 2016-07-15 18:07:16 +00:00
overduerules.tt Bug 16537 - Overdue and Status triggers grammar 2016-06-04 09:50:44 +00:00
picture-upload.tt Bug 15635: Koha::Patron::Images - Remove PutPatronImage 2016-03-04 12:53:00 +00:00
quotes-upload.tt Bug 16513 - Improvements and fixes for quote upload process 2016-06-24 13:47:34 +00:00
quotes.tt Bug 16513 - Improvements and fixes for quote upload process 2016-06-24 13:47:34 +00:00
scheduler.tt
showdiffmarc.tt
stage-marc-import.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
tools-home.tt Bug 16454: Use 'inventory' instead of 'inventory/stocktaking' 2016-05-16 17:42:39 +00:00
upload-images.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
upload.tt Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
viewlog.tt Bug 17024: Fix XSS in tools/viewlog.pl 2016-08-04 18:16:21 +00:00