From 9f10889c858409dc8b5ae1b4d294758d52b329bf Mon Sep 17 00:00:00 2001
From: Jonathan Druart
Date: Wed, 14 Aug 2019 13:31:53 -0400
Subject: [PATCH] Bug 23451: Prevent XSS vulnerabilities in opac-imageviewer.pl And certainly in other sripts as it is in opac-bottom.inc
Signed-off-by: Liz Rea
Signed-off-by: Nick Clemens
Signed-off-by: Martin Renvoize
---
 koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc b/koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc
index 1705cee2de..af060ff7b3 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-bottom.inc
@@ -196,7 +196,7 @@ $.widget.bridge('uitooltip', $.ui.tooltip);
 return false;
 });
 $("#ulactioncontainer > ul > li > a.addtoshelf").on("click",function(){
- Dopop('opac-addbybiblionumber.pl?biblionumber=[% biblionumber | html %]');
+ Dopop('opac-addbybiblionumber.pl?biblionumber=[% biblionumber | uri %]');
 return false;
 });
 $("body").on("click", ".addtocart", function(e){
-- 2.39.5
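Review bot: On the new `Dopop(...)` line, `biblionumber` is still interpolated inside a single-quoted JavaScript string, and `| uri` is a URL-component encoder rather than a JavaScript-string encoder. Whether it also encodes `'` depends on the Template Toolkit version and configuration (the filter's older RFC 2396 behaviour leaves that character alone, while the RFC 3986 behaviour encodes it), so the fix should not rest on the filter alone. Since opac-bottom.inc is shared by many OPAC scripts, each script that fills `biblionumber` from a request parameter should reject non-numeric values before passing it to the template. The assumption is worth recording next to the call, for example `[%# biblionumber sits in a JS string inside a URL: keep | uri and validate it as an integer in the calling script %]`. The enclosing script block starts and ends outside this hunk, so other interpolations in it are not visible here and may need the same check.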