]> git.koha-community.org Git - koha.git/commit
Bug 16878: Fix XSS in opac-memberentry
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 22 Jul 2016 07:30:54 +0000 (08:30 +0100)
committerBrendan Gallagher <brendan@bywatersolutions.com>
Thu, 4 Aug 2016 19:22:00 +0000 (19:22 +0000)
commit9bdea2e3691fd62e777cc974f89b867a69eec9a8
tree4ff5bd7c4663347fbc0d51c430bb9044b7506ce6
parent91bc9451d0378d65100c828776b09395e4c88199
Bug 16878: Fix XSS in opac-memberentry

The vars are gotten from the url and sent to the template as it. They
must be escaped.

Test plan:
I have not managed to create the original issue, so there is no test
plan for the XSS fix, but you can confirm there is no regression.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
opac/opac-memberentry.pl