Bug 30969: Cross site scripting (XSS) attack in OPAC authority search ( opac-authorities-home.pl )
There appears to be a cross site scripting attack vulnerability in opac-authorities-home.pl, but may be accessible from any page using C4::Output::pagination_bar.
Test Plan:
1) Use the URL above to show the XSS vulnerability exists
2) Apply this patch
3) Restart all the things!
4) Reload the page, no XSS vulnerability!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>