]> git.koha-community.org Git - koha.git/commit
Bug 36532: Protect opac-dismiss-message.pl from malicious usages
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 5 Apr 2024 06:58:06 +0000 (08:58 +0200)
committerFridolin Somers <fridolin.somers@biblibre.com>
Wed, 24 Apr 2024 05:36:20 +0000 (07:36 +0200)
commit1df8ee19943b6d112eba85bbab308ba8b550ed67
tree885eb2964dbcbbc635f2a822887274ffa30dd307
parent0a53dabd14a7f8765c1793139cb834e7bada0440
Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
(cherry picked from commit a40e1fd62c7320ad5f7b8514ba2bd129aad2d10f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc
opac/opac-dismiss-message.pl