]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b99731e) | patch
Bug 16599: Fix XSS in opac-shareshelf.pl
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 26 May 2016 11:03:55 +0000 (12:03 +0100)
committerBrendan Gallagher <brendan@bywatersolutions.com>
Mon, 30 May 2016 11:12:15 +0000 (11:12 +0000)
commita44a930c076fceca0f7193f488e187d9849f89b6
treec210bae61a9b14769d7bc480191ff60100878cbftree | snapshot
parentb99731e2e0290adddb5e419b8a987a9356fdf631commit | diff
Bug 16599: Fix XSS in opac-shareshelf.pl

Test plan:
- Create a list with the name "<script>alert(1)</script>"
- On the shelf list, click on share
=> Without this patch you will see the JS alert
=> With this patch applied you won't see it

Reported by Kaybee at Dionach

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt diff | blob | history
Main Koha release repository