Bug 13510 : Fixing the third XSS issue
To test
1/ Make sure you have some items in your database, that have values in items.issue
If nessecary do something like
UPDATE items SET issues = 10 WHERE itemnumber=somenumber
2/ Hit a url like http://localhost:8080/cgi-bin/koha/opac-topissues.pl?do_it=1&timeLimit=3%3Cscript%3Eprompt%
28924513%29%3C/script%3E
3/ Notice you will get a prompt
4/ Apply patch
5/ Test again
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>