]> git.koha-community.org Git - koha.git/commit
Bug 22478: Prevent XSS vulnerabilities when pagination appears
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 14 Mar 2019 22:42:50 +0000 (19:42 -0300)
committerNick Clemens <nick@bywatersolutions.com>
Thu, 2 May 2019 13:40:26 +0000 (13:40 +0000)
commitf021ca30a5d3944a43b4f6e089b21cfd9dc02997
treed809f327281d3ac8ee25ee1a53126cb000116386
parent0fb9b9fdb080dfe8c7bccd7f83a9c63bb3c9b104
Bug 22478: Prevent XSS vulnerabilities when pagination appears

This is a bad one as we thought we were XSS safe since bug 13618.

The html code generated in C4::Output::pagination_bar must escape the
variables and values correctly.

This patch needs to be widely tested, everywhere the pagination appears,
to make sure we will not introduce regressions.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
C4/Output.pm