From ee3bfd5d69f8f649c74e58385b8180faade875d0 Mon Sep 17 00:00:00 2001
From: Amit Gupta
Date: Thu, 10 Aug 2017 21:51:38 +0530
Subject: [PATCH] Bug 19078 - XSS Flaws in System preferences

1. Hit /cgi-bin/koha/admin/preferences.pl
2. Enter in search system preferences box.
3. Notice the java script is executed.
4. Apply patch.
5. Reload page, and enter in search system preferences box.
6. Notice it is no longer executed.

Signed-off-by: Chris Cormack
Signed-off-by: Marcel de Rooy
Signed-off-by: Jonathan Druart
---
 koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
index 28ccddcff0..ed2aa03547 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
@@ -31,7 +31,7 @@
 });
 });
 // This is here because of its dependence on template variables, everything else should go in js/pages/preferences.js - jpw
- var to_highlight = "[% searchfield |replace("'", "\'") |replace('"', '\"') |replace('\n', '\\n') |replace('\r', '\\r') %]";
+ var to_highlight = "[% searchfield |replace("'", "\'") |replace('"', '\"') |replace('\n', '\\n') |replace('\r', '\\r') |html %]";
 var search_jumped = [% IF ( search_jumped ) %]true[% ELSE %]false[% END %];
 var MSG_NOTHING_TO_SAVE = _("Nothing to save");
 var MSG_SAVING = _("Saving...");
-- 
2.39.5
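Review bot: The added `|html` filter runs inside a `<script>` block, where the browser does not decode entities, so after this change `to_highlight` carries `&quot;`, `&amp;` and `&lt;` for any search term containing those characters and the highlighting will no longer match the page text for such terms; the earlier `replace` filters also become partly redundant, a `"` now ending up as `\&quot;`. Preventing the value from closing the string literal or the script element is the point of the fix, but the ordering constraint is not documented; a comment such as `// |html is the XSS guard: keep it last so the value cannot break out of the string or the <script> element` on the changed line would protect it from being reordered later. If the project offers a JSON-encoding template filter, emitting the value through that instead of the hand-rolled `replace` chain would give both safety and fidelity. The enclosing script block starts and ends outside the hunk.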