]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0a53dab) | patch
Bug 36532: Protect opac-dismiss-message.pl from malicious usages
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 5 Apr 2024 06:58:06 +0000 (08:58 +0200)
committerFridolin Somers <fridolin.somers@biblibre.com>
Wed, 24 Apr 2024 05:36:20 +0000 (07:36 +0200)
commit1df8ee19943b6d112eba85bbab308ba8b550ed67
tree885eb2964dbcbbc635f2a822887274ffa30dd307tree | snapshot
parent0a53dabd14a7f8765c1793139cb834e7bada0440commit | diff
Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
(cherry picked from commit a40e1fd62c7320ad5f7b8514ba2bd129aad2d10f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc diff | blob | history
opac/opac-dismiss-message.pl diff | blob | history
Main Koha release repository