]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 489f6f8) | patch
Bug 36532: Protect opac-dismiss-message.pl from malicious usages
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 5 Apr 2024 06:58:06 +0000 (08:58 +0200)
committerTomas Cohen Arazi <tomascohen@theke.io>
Tue, 14 May 2024 18:04:34 +0000 (15:04 -0300)
commit077636977606357d0634c7cad81f5eb38f6bbce3
treec98116b1472928edd31c3614a553cbc20036b854tree | snapshot
parent489f6f86fd1bf6f4a7555bbbb3b74a1908d3b3cfcommit | diff
Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc diff | blob | history
opac/opac-dismiss-message.pl diff | blob | history
Main Koha release repository