Bug 14423 : Multiple XSS bugs in suggestion.pl
author Chris <chris@bigballofwax.co.nz>
Sun, 21 Jun 2015 09:35:07 +0000 (09:35 +0000)
committer Mason James <mtj@kohaaloha.com>
Tue, 23 Jun 2015 03:30:09 +0000 (15:30 +1200)
commit 39e1a0107f9228381ac78ae8daeeb241c3249536
tree bb5058940a63cc04fe9d6ebc61219d96e1c346f8
parent f59fbdbef1f79e0940305d7d153ae22121d1004b
Bug 14423 : Multiple XSS bugs in suggestion.pl

To test
1/ Hit a url like http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&accepteddate_to=
2/ Notice alert box(es)
3/ Apply patch
4/ Reload and notice alert is gone

Repeat for
collection_title
copyrightdate
isbn
manageddate_from
manageddate_to
publishercode
suggesteddate_from
suggesteddate_to
koha-tmpl/intranet-tmpl/prog/en/modules/suggestion/suggestion.tt
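
The test plan above, as an added offline regression check (not part of this commit or of Koha's code): it decodes the payload from the step 1 URL, renders it into a constructed stand-in form with and without HTML escaping, and lists which of the named parameters reflect it verbatim. The `render` markup and all function names are assumptions, as is output escaping being the fix, since the page does not show the template change.

```python
import html
from urllib.parse import parse_qs, urlsplit

# URL from step 1 of the commit message.
TEST_URL = (
    "http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl"
    "?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E"
    "&accepteddate_to="
)

# Parameters the commit message says to test.
PARAMS = [
    "author", "collection_title", "copyrightdate", "isbn",
    "manageddate_from", "manageddate_to", "publishercode",
    "suggesteddate_from", "suggesteddate_to",
]


def payload_from(url):
    """Return the URL-decoded value of the 'author' query parameter."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query["author"][0]


def render(params, escape):
    """Constructed stand-in for a search form (NOT Koha's template).

    escape=False interpolates the raw value into the attribute;
    escape=True HTML-escapes it first, quotes included.
    """
    rows = []
    for name in PARAMS:
        value = params.get(name, "")
        if escape:
            value = html.escape(value, quote=True)
        rows.append(f'<input type="text" name="{name}" value="{value}" />')
    return "\n".join(rows)


def audit(escape):
    """Names of parameters whose payload comes back unescaped in the page."""
    payload = payload_from(TEST_URL)
    return [
        name for name in PARAMS
        if payload in render({name: payload}, escape)
    ]


if __name__ == "__main__":
    print("reflected without escaping:", audit(escape=False))
    print("reflected with escaping:   ", audit(escape=True))
```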