Bug 14423 : XSS bug in lateorders
author Chris <chris@bigballofwax.co.nz>
Sun, 21 Jun 2015 08:18:20 +0000 (08:18 +0000)
committer Mason James <mtj@kohaaloha.com>
Tue, 23 Jun 2015 03:30:08 +0000 (15:30 +1200)
commit 56f18e9e70214e7e91a42dff5ae2b3caea7911d6
tree c178d39c67577e087b9884efd4a8965e7bc54bb5
parent bfa7ae568706ef4c35a0a2130e1366d679b9ef87
Bug 14423 : XSS bug in lateorders

1/ hit a url like http://localhost:8081/cgi-bin/koha/acqui/lateorders.pl?delay=<script>alert('oh noes')</script>&estimateddeliverydatefrom
2/ Note you get an alert box
3/ Apply patch, notice it is fixed
4/ Test functionality still works

Signed-off-by: Mason James <mtj@kohaaloha.com>
koha-tmpl/intranet-tmpl/prog/en/modules/acqui/lateorders.tt
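
The reproduction steps above describe a request parameter being echoed into the page without escaping. The following is an added example, not Koha code and not the patch from this commit (the page does not show the diff): it renders a constructed Template Toolkit line with and without the `html` filter, and adds server-side validation. It assumes the `Template` module is installed and that `delay` is a day count; the template text and the helpers `render` and `clean_delay` are hypothetical.

```perl
#!/usr/bin/perl
# Added illustration, not Koha code. Requires the Template Toolkit module.
use strict;
use warnings;
use Template;

# Constructed stand-ins for a template line that echoes the 'delay' parameter.
my %templates = (
    unescaped => q{<p>Orders more than [% delay %] days late</p>},
    escaped   => q{<p>Orders more than [% delay | html %] days late</p>},
);

# Hypothetical helper: render one template variant with the given value.
sub render {
    my ( $variant, $delay ) = @_;
    my $tt  = Template->new() or die Template->error();
    my $out = '';
    $tt->process( \$templates{$variant}, { delay => $delay }, \$out )
        or die $tt->error();
    return $out;
}

# Hypothetical helper: assuming 'delay' is a day count, accept digits only.
sub clean_delay {
    my ($raw) = @_;
    return ( defined $raw && $raw =~ /\A\d{1,4}\z/ ) ? $raw : undef;
}

# Constructed inputs: a normal value and the markup from the reproduction URL.
for my $input ( '30', q{<script>alert('oh noes')</script>} ) {
    my $clean = clean_delay($input);
    print "input:     $input\n";
    print "unescaped: ", render( 'unescaped', $input ), "\n";
    print "escaped:   ", render( 'escaped',   $input ), "\n";
    print "validated: ", ( defined $clean ? $clean : '(rejected)' ), "\n\n";
}
```

Escaping in the template protects every code path that reaches that output, while the digit check in the script rejects malformed input before it is used anywhere else.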