]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d5421fc) | patch
Bug 14423 : XSS issues in marc_subfields_structure
authorChris <chris@bigballofwax.co.nz>
Sun, 21 Jun 2015 08:46:40 +0000 (08:46 +0000)
committerMason James <mtj@kohaaloha.com>
Tue, 23 Jun 2015 03:30:08 +0000 (15:30 +1200)
commit3336fbf142e6a8cfc767fdf137b9a437a83ddce0
tree2d55a772bf883f5d87b0658570298250be616468tree | snapshot
parentd5421fc0df1620165b714fbc2331200170e7a204commit | diff
Bug 14423 : XSS issues in marc_subfields_structure

1/ Hit a url like http://localhost:8081/cgi-bin/koha/admin/marc_subfields_structure.pl?op=add_form&tagfield=%22/%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
2/ Notice all the alert boxes
3/ Apply patch
4/ Reload page, no more alerts
5/ Test functionality still works

Signed-off-by: Mason James <mtj@kohaaloha.com>
koha-tmpl/intranet-tmpl/prog/en/modules/admin/marc_subfields_structure.tt diff | blob | history
Main Koha release repository